Expert GuideVulnerabilities in IBM Spectrum Protect Server 8.1.14.000: Latest vulnerability assessment

Dr. Christian Biermann — 25. July 2022
Reading time 3:04 minutes

IBM has released further security bulletins in the last few days. We have summarized what protects you now from cyber attackers in current ISP server security vulnerabilities.

IBM Spectrum Protect Server 8.1.14.000

The IBM Spectrum Protect 8.1.14.000 server could allow an attacker to bypass security restrictions caused by improper enforcement of access controls.

By logging in, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrator or node access to the vulnerable server.

Attack target: Gain privileges

Existing attack scenarios: Not known

Affected: Spectrum Protect Server up to 8.1.1.14.000 (AIX, Linux, Windows)

Fixing Level: 8.1.14.100

To the security bulletin

Brute force attack

An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing an unlimited number of login attempts to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to the IBM Spectrum Protect storage agent and the IBM Spectrum Protect server with which it communicates.

Attack target: information leakage

Existing attack scenarios: Not known

Affected: Spectrum Protect Server up to 8.1.1.14.XXX (AIX, Linux, Windows)

Fixing Level: 8.1.15

To the security bulletin

IBM Spectrum Protect Operations Center

In some cases, an unsuccessful attempt to log on to IBM Spectrum Protect Operations Center does not result in an increase in the number of invalid administrator logons on IBM Spectrum Protect Server. An attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to the IBM Spectrum Protect server.

Attack target: information leakage

Existing attack scenarios: Not known

Affected: Spectrum Protect Server up to 8.1.1.14.000 (AIX, Linux, Windows)

Fixing Level: 8.1.14.100

To the security bulletin

User account

While a user account is set up for the IBM Spectrum Protect server, it may be configured to use SESSIONSECURITY=TRANSITIONAL. In this mode, it may be vulnerable to an offline dictionary attack.

Attack target: information leakage

Existing attack scenarios: Not known

Affected: Spectrum Protect Server up to 8.1.1.14.XXX (AIX, Linux, Windows)

Fixing Level: 8.1.15

To the security bulletin

Spectrum Protect Server, Backup/Archive Client, Space Management and Spectrum Protect for Virtual Environments

An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information, resulting in a high confidentiality compromise, by using unknown attack vectors.

Attack target: information leakage

Existing attack scenarios: Not known

Affected:

Spectrum Protect Client up to 8.1.1.14.0 (AIX (Web User Interface only).

Linux (Web User Interface only), Windows, Macintosh)

Spectrum Protect for Space Management up to 8.1.14.0 (AIX, Linux)

Spectrum Protect for Virtual Environments 8.1.14.0 (Linux, Windows)

Spectrum Protect Server 8.1.14.XXX (AIX, Linux, Windows)

Fixing Level: 8.1.15

To the security bulletin

An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information, which has a minor impact on confidentiality, by using unknown attack vectors.

Attack target: information leakage

Existing attack scenarios: Not known

Affected:

Spectrum Protect Client up to 8.1.1.14.0 (AIX (Web User Interface only).

Linux (Web User Interface only), Windows, Macintosh)

Spectrum Protect for Space Management up to 8.1.14.0 (AIX, Linux)

Spectrum Protect for Virtual Environments 8.1.14.0 (Linux, Windows)

Spectrum Protect Server 8.1.14.XXX (AIX, Linux, Windows)

Fixing Level: 8.1.15

To the security bulletin

Backup/Archive Client

OpenSSL is vulnerable to a denial of service caused by a flaw in the BN_mod_sqrt() function when parsing certificates. By using a specially crafted certificate with invalid explicit curve parameters, a remote attacker can exploit this vulnerability to cause an infinite loop, resulting in a denial of service condition.

Attack Target: Denial of Service

Existing attack scenarios: Proof of Concept

Affected: Spectrum Protect Backup-Archive Client up to 8.1.1.14.0 (Linux, Windows)

Fixing Level: 8.1.15

To the security bulletin

User credentials

IBM Spectrum Protect Client stores user credentials in plain text that can be read by a local user.

Attack target: information readout

Existing attack scenarios: Not known

Affected: Spectrum Protect Backup Archive Client up to 8.1.1.14.0 (AIX, HP-UX, Linux, Macintosh, Solaris, Windows)

Fixing Level: 8.1.15

To the security bulletin

Denial of service for IBM Spectrum Protect client operations

The IBM Spectrum Protect processes dsmcad, dsmc, and dsmcsvc incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations.

Attack Target: Denial of Service

Existing attack scenarios: Not known

Affected: Spectrum Protect backup archive client up to 8.1.1.14.0 (AIX, HP-UX, Linux, Macintosh, Solaris, Windows)

Fixing Level: 8.1.15

To the security bulletin

If you need assistance with installations or updates, please do not hesitate to contact us.

Your Empalis-Team

Dr. Christian Biermann

Dr. Christian Biermann has been working as an IT Senior Consultant with a focus on IBM Spectrum Protect since 2021. From over twenty-five years of experience in the IT environment, he brings around twenty years of project and support experience with the products of the Tivoli Storage Manager and Spectrum Protect portfolios to his consulting work.

Do you need to implement NIS2? Cyber resilience is (not) a question of backup

Modern and innovative data protection for your company.

Managed service - backup tailored to your needs

Empalis supports you with your comprehensive security management.

Discover the Empalis Cloud: flexible, multifunctional, highly scalable.

IBM Tivoli System Automation for z/OS (SA for z/OS): Numerous system management functions with a single point of control

Get solutions to a wide range of NIS2-related issues in one go: with VIKING Backup Guardian - cyber-resilient all-in-one backup solution.

Harden your IT infrastructure against cyber attacks

Optimise your data backup environment and archiving

We manage your backup environment for you.

Easy and efficient administration of IBM System z/OS

Veeam offers you exciting opportunities to future-proof your IT and backup environment.

Since more than 30 years we provide consulting services for IBM products and manage IBM infrastructures in the enterprise environment.

Alert message: Error in Veeam Backup for Microsoft 365: First aid for admins when backing up Exchange mailboxes

Cohesity is our strong partner for cyber-resilient architectures with VIKING.

With Predatar, you have a clear advantage thanks to AI anomaly detection: Proactive Recovery Assurance

So why not wasabi?

The interface for easy use of IBM Storage Protect (ISP)

Because our customers love it: Get to know our partner technologies from General Storage

Automated monitoring & reporting - complete control of all backups and restores in your company

Managing Microsoft Sharepoint - sustainable, secure, productive with Docave

Get an overview of trainings & events

Easter bundle until 30.04.2024: Book now and save 20%-30% by quoting the promo code!

Am 18.06.2024 diskutieren wir mit unseren Partnern Veeam und Wasabi, wie Sie Risiken effizienter minimieren.

Proxmox with Veeam - an alternative to VMware?

Empalis technical article in IT Security Online: Cyber Resilience: Which backup solution for Microsoft 365?

Empalis ist again awarded as top company in 2024 - thank you!

The formula for our success: Be there, keep listening, implement.

Empalis ist pioneer partner of Apex by Predatar

Empalis is welcoming new employees - just send us your unsolicited application.

We look forward to hearing from you!

Expert GuideVulnerabilities in IBM Spectrum Protect Server 8.1.14.000: Latest vulnerability assessment

IBM Spectrum Protect Server 8.1.14.000

Brute force attack

IBM Spectrum Protect Operations Center

User account

Spectrum Protect Server, Backup/Archive Client, Space Management and Spectrum Protect for Virtual Environments

Backup/Archive Client

User credentials

Denial of service for IBM Spectrum Protect client operations

Dr. Christian Biermann

You were interested in this, then you may also be interested in...

NewsCyber-resilienter durch mehr Einblick in Ihre Daten: Mit dem Predatar 12.2 Release - Erweiterungen für IBM Spectrum protect und IBM Spectrum Protect Plus

NewsDas Backup – die letzte Verteidigungslinie

Use CasePerformante Backup-Umgebung und bedarfsgerechter IT-Service für die FONDIUM Group GmbH

NewsIBM zSecurity Ecosystem Series Video online "Identify & Key Management, Secure and Easy in a Hybrid Cloud with Empalis"

NewsIBM Spectrum Protect Plus Release 10.1.11: Security Fixe, die Lücken beheben mit denen Angreifer weitergehende Rechte oder Zugriffe erlangen kann.

NewsDas Backup – die letzte
Verteidigungslinie

NewsIBM zSecurity Ecosystem Series
Video online "Identify & Key Management, Secure and Easy in a Hybrid Cloud with Empalis"