NewsUpdate 2: Vulnerability in IBM Spectrum Protect 8.1.14.000 Server - what you should do now

Andreas Schwab — 14. July 2022
Reading time 0:31 minutes

Sicherheitslücke bei IBM Spectrum Protect 8.1.14.000 Server

breaking news: Security bulletin for IBM ISP server version 8.1.14.000 released, high risk for users

Prevent possible cyber attacks on your ISP 8.1.14.000 server

The latest IBM Security Bulletin shares: IBM Spectrum Protect 8.1.14.000 Server is vulnerable to bypass of security restrictions (CVE-2022-22394). IBM Spectrum Protect 8.1.14.000 Server could allow an attacker to bypass security restrictions due to improper enforcement of access controls.

Vulnerability details

CVEID: CVE-2022-22394

CVSS base rating: 7.5

Description

The IBM Spectrum Protect 8.1.14.000 server could allow an attacker to bypass security restrictions caused by improper enforcement of access controls.

 

By logging in, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrator or node access to the vulnerable server.

 

Affected platforms: AIX, Linux, Windows

Affected ISP Server Versions: 8.1.14.000

Fixing Level

8.1.14.100

IBM FTP Download Links

https://public.dhe.ibm.com/storage/tivoli-storage-management/patches/server/

 

 

If you are looking for support or have any questions, we are here to help.

 

Source: IBM

Andreas Schwab

Andreas Schwab

Andreas Schwab is an IT consultant and senior service engineer at Empalis. For the past three years, he has enriched our Managed Service Team with over 25 years of experience and know-how from system administration - from setup to further development and operation of the entire IBM Spectrum Protect environment (client and server).

You were interested in this, then you may also be interested in...