QID 376473

Date Published: 2022-03-16

QID 376473: IBM Spectrum Control Multiple Vulnerabilities (6561029)

P>IBM Spectrum Protect provides automated, centrally scheduled, policy-managed backup, archive, and space-management capabilities for file servers. IBM Spectrum Control has multiple vulnerabilities:
IBM Dojo (CVE-2021-234550)
Java SE (CVE-2021-35578)
IBM WebSphere Application Server - Liberty (CVE-2021-39031)
Apache Log4j (CVE-2021-44832)
Gson (217225)

Affected Versions:
IBM Spectrum Control 5.4.0 - 5.4.5.2

Successful exploitation could compromise confidentiality, integrity and security.

  • CVSS V3 rated as Critical - 9.8 severity.
  • CVSS V2 rated as High - 7.5 severity.
  • Solution
    Vendor has released updated version to address this issue. Refer to 6561029 for details.
    Vendor References

    CVEs related to QID 376473

    Software Advisories
    Advisory ID Software Component Link
    6561029 URL Logo www.ibm.com/support/pages/node/6561029