April 23, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Tor-Based Linux Botnet spreads by Abusing IaC Tools – Active IoCs
April 26, 2021Rewterz Threat Alert – REVIL/SODINOKIBI MALWARE Campaign Targeting Financial Sector
April 27, 2021Rewterz Threat Alert – Tor-Based Linux Botnet spreads by Abusing IaC Tools – Active IoCs
April 26, 2021Rewterz Threat Alert – REVIL/SODINOKIBI MALWARE Campaign Targeting Financial Sector
April 27, 2021
Severity
Medium
Analysis Summary
CVE-2021-20532
IBM Spectrum Protect Client could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions.
CVE-2021-20536
IBM Spectrum Protect Plus File Systems Agent stores potentially sensitive information in log files that could be read by a local user.
CVE-2021-29694
IBM Spectrum Protect Plus uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
Impact
- Unauthorized Access
- Obtain Information
Affected Vendors
IBM
Affected Products
- IBM Spectrum Protect for Virtual Enviroments 8.1.0.0
- IBM Spectrum Protect for Virtual Enviroments 8.1.11.0
- IBM Spectrum Protect Plus 10.1.6
- IBm Spectrum Protect Plus 10.1.7
- IBM Spectrum Protect Plus 10.1.0
Remediation
Refer to IBM Security Bulletin for more updates. .
IBM Security Bulletin 6445503 (Spectrum Protect for Virtual Environments)
