Warning Date: 16 September, 2019
Severity Level ● High
Warning Number: 2019-435
Target Sector: All
IBM has released security updates to address vulnerabilities in the following products:
- IBM Spectrum Protect Plus 10.1.0 through 10.1.4.179 (10.1.4 eFix1)
- IBM Sterling File Gateway 126.96.36.199 – 188.8.131.52
- IBM Spectrum Protect Operations Center affected levels are 8.1.3 through 8.1.7. Note that 7.1 is not affected
Attacker could exploit these vulnerabilities by doing the following:
- Unauthorized disclosure of information – remotely.
- Code injection – remotely.
- Escalation of privilege.
- Execute arbitrary code.
- Denial of service attack (DoS).
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates: