Home Unlabelled IBM Security Bulletin: IBM Spectrum Protect (formerly Tivoli Storage Manager) Client and IBM Spectrum Protect for Virtual Environments allow Triple DES (3DES) ciphers to be used (CVE-2018-1785)

IBM Security Bulletin: IBM Spectrum Protect (formerly Tivoli Storage Manager) Client and IBM Spectrum Protect for Virtual Environments allow Triple DES (3DES) ciphers to be used (CVE-2018-1785)

By
Monday, September 24, 2018
Read
Add Comment

Sep 24, 2018 9:01 am EDT

Categorized: Low Severity

Share this post:

IBM Spectrum Protect (formerly Tivoli Storage Manager) and IBM Spectrum Protect for Virtual Environments allow Triple DES (3DES) ciphers to be used. This can result in the use of weaker than expected cryptographic algorithms.

CVE(s): CVE-2018-1785

Affected product(s) and affected version(s):

This security exposure affects the following products and levels:

  • IBM Spectrum Protect (formerly Tivoli Storage Manager) Client levels:
    – 8.1.0.0 through 8.14.2 (Macintosh)
    8.1.0.0 through 8.1.4.1 (All other platforms)
    – 7.1.0.0 through 7.1.8.3
  • IBM Spectrum Protect for Virtual Environments (formerly Tivoli Storage Manager for Virtual Environments): Data Protection for VMware levels:
    – 8.1.0.0 through 8.1.4.1
    – 7.1.0.0 through 7.1 8.2
  • IBM Spectrum Protect for Virtual Environments (formerly Tivoli Storage for Virtual Environments): Data Protection for Hyper-V levels:
    – 8.1.0.0 through 8.1.4.0
    – 7.1.0.0 through 7.1.8.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10729873
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148870



from IBM Product Security Incident Response Team https://ift.tt/2Ia4i3E
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us