Vulnerability Details CVE-2019-4385
IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect Plus Joblog. This can result in an attacker gaining access to sensitive information as well as vSnap. IBM X-Force ID: 162173.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.4%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 2.1
References
- http://www.ibm.com/support/docview.wss?uid=ibm10886099
- http://www.securityfocus.com/bid/108899
- https://exchange.xforce.ibmcloud.com/vulnerabilities/162173
- http://www.ibm.com/support/docview.wss?uid=ibm10886099
- http://www.securityfocus.com/bid/108899
- https://exchange.xforce.ibmcloud.com/vulnerabilities/162173
Products affected by CVE-2019-4385
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.2.219
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.2.247
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.2.271
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.2.303