CVE-2018-1882

CWE-312Cleartext Storage of Sensitive Info3 documents3 sources
Severity
4.7MEDIUM
EPSS
0.0%
top 91.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
IBM Spectrum Protect Backup-archive ClientIBM Spectrum Protect FOR Virtual EnvironmentsIBM Spectrum Protect+1 more
Timeline
PublishedApr 8
Latest updateMay 13

Description

In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be displayed in plain text in the IBM Spectrum Protect client trace file. IBM X-Force ID: 151968.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.0 | Impact: 3.6

Affected Packages4 packages

NVDibm/spectrum_protect7.1.0.07.1.8.4+2
CVEListV5ibm/spectrum_protect7.1, 8.1+1

Patches

Patch: www.ibm.comPatch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-p469-7gqp-fp24: In a certain atypical IBM Spectrum Protect 72022-05-13
CVEList
CVE-2018-1882: In a certain atypical IBM Spectrum Protect 72019-04-08
CVE-2018-1882 (MEDIUM CVSS 4.7) | In a certain atypical IBM Spectrum | cvebase.io