IBM Spectrum Protect (formerly Tivoli Storage Manager) clients and agents store password information in the Windows Registry which can be compromised.
CVE(s): CVE-2016-8939
Affected product(s) and affected version(s):
The following versions of the IBM Spectrum Protect (formerly Tivoli Storage Manager) Windows Client are affected:
- 8.1 all levels
- 7.1 all levels
- 6.4 all levels
- 6.3 and below which are all EOS.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2qFuv4F
X-Force Database: http://ift.tt/2roqGOn
The post IBM Security Bulletin: IBM Spectrum Protect (formerly Tivoli Storage Manager) Windows Client password exposure (CVE-2016-8939) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2qFqSvp
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.