Vulnerability Description
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Spectrum Protect Client | >= 7.1.0.0, <= 7.1.8.3 |
| Ibm | Spectrum Protect For Virtual Environments | >= 7.1.0.0, <= 7.1.8.0 |
| Apple | Macos | - |
Related Weaknesses (CWE)
References
- http://www.ibm.com/support/docview.wss?uid=ibm10729873Vendor Advisory
- http://www.securitytracker.com/id/1041716Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/148870VDB EntryVendor Advisory
- http://www.ibm.com/support/docview.wss?uid=ibm10729873Vendor Advisory
- http://www.securitytracker.com/id/1041716Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/148870VDB EntryVendor Advisory
FAQ
What is CVE-2018-1785?
CVE-2018-1785 is a vulnerability with a CVSS score of 7.5 (HIGH). IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870.
How severe is CVE-2018-1785?
CVE-2018-1785 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-1785?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Spectrum Protect Client, Ibm Spectrum Protect For Virtual Environments, Apple Macos.