This script is Copyright (C) 2017 Tenable Network Security, Inc.
The backup service installed on the remote host is affected by a
remote code execution vulnerability.
IBM Spectrum Protect, formerly known as Tivoli Storage Manager,
installed on the remote host is version 184.108.40.206 through 220.127.116.11. It
is, therefore, affected by a buffer overflow condition when handling
the SELECT command in a SQL query due to improper validation of input.
An authenticated, remote attacker with TSM administrator privileges
can exploit this issue, via a specially crafted SQL query, to cause a
denial of service condition or the execution of arbitrary code.
Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.
See also :
Upgrade to IBM Spectrum Protect Server 18.104.22.168 or later.
Risk factor :
Medium / CVSS Base Score : 6.0
CVSS Temporal Score : 4.4
Public Exploit Available : false