Description
Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP credentials depending on the operation performed. Credentials that are using API key or certificate are not printed. IBM X-Force ID: 222231.
CVSS breakdown
CVSS 3.0
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Scope
Changed
User Interaction
None
Privileges Required
High
Confidentiality
High
RL
O
E
Unchanged
RC
Changed
Affected products
- ibm / Spectrum Protect Plus10.1.0.0 – 10.1.0.0
- ibm / Spectrum Protect Plus10.1.9.3 – 10.1.9.3