IBM Spectrum Protect Plus is a modern data protection solution that provides near-instant data recovery, replication, retention, and reuse for physical and virtual machines, Windows file systems, databases applications, SaaS workloads, and containers. It is easily deployed as a virtual appliance and the agentless architecture is easy to maintain. It unlocks the value of your data by improving the quality and speed of testing, reporting, and analytics.
IBM Spectrum Protect Plus Microsoft® File Systems backup and restore may be affected by vulnerabilities in Python, Tornado. and Urllib3 such as server-side request forgery, HTTP response splitting, buffer overflow, and man-in-the-middle attacks.
Affected product(s) and affected version(s):
|IBM Spectrum Protect Plus Microsoft File Systems backup and restore||10.1.6-10.1.8|
MwCERT is recommending users and system administrators to refer to the following reference URLs for remediation and additional vulnerability details:
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/201083
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/198199
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/195065
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/195244