Vulnerabilities > CVE-2019-4088 - Unspecified vulnerability in IBM Spectrum Protect Operations Center

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

ibm

NVD

Published: 2019-07-02

Updated: 2022-12-09

Summary

IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could allow a local attacker to gain elevated privileges on the system, caused by loading a specially crafted library loaded by the dsmqsan module. By setting up such a library, a local attacker could exploit this vulnerability to gain root privileges on the vulnerable system. IBM X-Force ID: 157511.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Spectrum Protect Operations Center 7.1.0.000 IBM Spectrum Protect Operations Center 7.1.1.000 IBM Spectrum Protect Operations Center 7.1.3.000 IBM Spectrum Protect Operations Center 7.1.4.000 IBM Spectrum Protect Operations Center 7.1.5.000 IBM Spectrum Protect Operations Center 7.1.6.000 IBM Spectrum Protect Operations Center 7.1.7.000 IBM Spectrum Protect Operations Center 7.1.8.000 IBM Spectrum Protect Operations Center 7.1.9.200 IBM Spectrum Protect Operations Center 8.1.0.000 IBM Spectrum Protect Operations Center 8.1.1.000 IBM Spectrum Protect Operations Center 8.1.2.000 IBM Spectrum Protect Operations Center 8.1.3.000 IBM Spectrum Protect Operations Center 8.1.4.000 IBM Spectrum Protect Operations Center 8.1.5.000 IBM Spectrum Protect Operations Center 8.1.6.000 IBM Spectrum Protect Operations Center 8.1.7.000	17

Summary

Vulnerable Configurations

References