IBM Security Bulletin: Multiple Db2 vulnerabilities affect the IBM Spectrum Protect Server

The IBM Spectrum Protect Server is affected by multiple IBM Db2 vulnerabilities that could allow local users to overwrite files owned by the Db2 instance owner, execution of arbitrary code on the system, or an elevation of privileges.

CVE(s): CVE-2018-1452, CVE-2018-1451, CVE-2018-1449, CVE-2018-1450, CVE-2018-1459, CVE-2018-1565, CVE-2018-1515, CVE-2018-1488, CVE-2018-1544, CVE-2018-1566, CVE-2018-1487

Affected product(s) and affected version(s):

These vulnerabilities affect the IBM Spectrum Protect Server 8.1.0.0 through 8.1.6.0.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10743215
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140047
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140046
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140044
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140045
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140210
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143022
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141624
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140973
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142648
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143023
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140972

The post IBM Security Bulletin: Multiple Db2 vulnerabilities affect the IBM Spectrum Protect Server appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2RJbvf7