The official site for Saudi CERT
IBM Alert
2885
Warning Date
Severity Level
Warning Number
Target Sector
18 September, 2022
● High
2022-5253
All
IBM has released security updates to address several vulnerabilities in several products:
- IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes
- IBM Spectrum Protect Plus Container Backup and Restore for Red Hat OpenShift
- IBM Spectrum Protect Plus File Systems Agent
- IBM Spectrum Protect Plus
- IBM Spectrum Copy Data Management
- IBM Spectrum Protect Server
Attacker could exploit these vulnerabilities by doing the following:
- Escalation of privilege
- Bypass of a protection mechanism
- Execute arbitrary code
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-golang-go-and-minio-may-affect-ibm-spectrum-plus-container-backup-and-restore-for-kubernetes-and-red-hat-openshift-cve-2022-29804-cve-2022-30580-cve-2022-306/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-pallets-werkzeug-may-affect-ibm-spectrum-protect-plus-microsoft-file-systems-backup-and-restore-cve-2022-29361/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-libcurl-may-affect-ibm-spectrum-protect-plus-cve-2021-22946-cve-2022-27782-cve-2022-27774-cve-2022-22576-cve-2021-22947-cve-2022-27776/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-libcurl-may-affect-ibm-spectrum-copy-data-management-cve-2022-27782-cve-2022-27774-cve-2021-22947-cve-2022-22576-cve-2022-27776-cve-2021-22946/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-node-js-may-affect-ibm-spectrum-protect-plus-cve-2022-32223-cve-2022-32215-cve-2022-33987-cve-2022-32213-cve-2022-32212-cve-2022-32222-cve-2022-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-golang-go-postgresql-jquery-and-google-gson-may-affect-ibm-spectrum-copy-data-management/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-db2-golang-go-and-logback-may-affect-the-ibm-spectrum-protect-server-cve-2022-30631-cve-2022-30633-cve-2022-1705-cve-2022-22389-cve-2022-22390-cve-20/
Rate the content
Share the page
