IBM Security Bulletin: Incorrect permissions on restored files and directories using IBM Spectrum Protect Backup-Archive Client web user interface on Windows (CVE-2019-4093)

Files and directories restored using the IBM Spectrum Protect (formerly Tivoli Storage Manager) Backup-Archive Client web user interface on Windows may have incorrect permissions.

CVE(s): CVE-2019-4093

Affected product(s) and affected version(s):
IBM Spectrum Protect (formerly Tivoli Storage Manager) Backup-Archive Client web user interface version 8.1.7 on Windows.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10875518
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157981

The post IBM Security Bulletin: Incorrect permissions on restored files and directories using IBM Spectrum Protect Backup-Archive Client web user interface on Windows (CVE-2019-4093) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2Fu38io