CVE-2019-4140: Infoleak
First published: Tue Jul 02 2019(Updated: )
IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) could allow a local user to replace existing databases by restoring old data. IBM X-Force ID: 158336.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Spectrum Protect | >=7.1.0.0<7.1.9.300 | |
| IBM Spectrum Protect | >=8.1.0.0<8.1.8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-4140.
What is the severity level of IBM Tivoli Storage Manager Server vulnerability (CVE-2019-4140)?
The severity level of this vulnerability is high with a score of 7.1.
Who can exploit IBM Tivoli Storage Manager Server vulnerability (CVE-2019-4140)?
A local user can exploit this vulnerability.
What could a local user do if they exploit IBM Tivoli Storage Manager Server vulnerability (CVE-2019-4140)?
A local user can replace existing databases by restoring old data.
Are there any fixes or patches available for IBM Tivoli Storage Manager Server vulnerability (CVE-2019-4140)?
Yes, IBM has provided fixes and patches to address this vulnerability. Please refer to the IBM support website for more information.
- collector/nvd-index
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/author
- agent/remedy
- agent/description
- agent/tags
- agent/event
- agent/first-publish-date
- vendor/ibm
- canonical/ibm spectrum protect
- version/ibm spectrum protect/7.1.0.0
- version/ibm spectrum protect/8.1.0.0