SynopsisThe backup service installed on the remote host is affected by a denial of service vulnerability.
DescriptionIBM Spectrum Protect, formerly known as Tivoli Storage Manager, installed on the remote host is version 7.1.x < 220.127.116.11 or 8.1.x < 18.104.22.168. It is, therefore, affected by a denial of service (DoS) vulnerability due to the incorrect accumulation of TCP/IP sockets in a CLOSE_WAIT state. An unauthenticated, remote attacker can exploit this issue to cause the process to stop responding.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
SolutionUpgrade to IBM Spectrum Protect 22.214.171.124 or 126.96.36.199 or later.