IBM Spectrum Protect Client Windows Registry Credentials Disclosure
Low Nessus Plugin ID 100718
A client application installed on the remote host is affected by an information disclosure vulnerability.
The version of IBM Spectrum Protect Client installed on the remote Windows host is affected by an information disclosure vulnerability due to insecure permission for registry keys under the 'HKLM\Software\IBM\ADSM\CurrentVersion\Nodes\' key. A local attacker can exploit this vulnerability to disclose credentials. IBM Spectrum Protect was formerly known as IBM Tivoli Storage Manager in releases prior to version 7.1.3.
Refer to the vendor advisory for instructions on remediation.