SynopsisThe backup service installed on the remote host is affected by a remote code execution vulnerability.
DescriptionIBM Spectrum Protect, formerly known as Tivoli Storage Manager, running on the remote host is version 7.1.x < 220.127.116.11 or 8.1.x < 18.104.22.1680. It is, therefore, is vulnerable to a stack-based buffer overflow which could allow an unauthenticated, remote attacker to executive arbitrary code on the system or cause the IBM Spectrum Protect Server to crash.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
SolutionUpgrade to IBM Spectrum Protect 22.214.171.124 or 126.96.36.1990 or later.