CVE-2017-1301 is a vulnerability in IBM Spectrum Protect
Published on October 5, 2017

IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM Spectrum Protect Backup-archive Client creates temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. IBM X-Force ID: 125163.

NVD

Products Associated with CVE-2017-1301

Want to know whenever a new CVE is published for IBM Spectrum Protect? stack.watch will email you.

IBM Spectrum Protect

Affected Versions

IBM Spectrum Protect:

Version 7.1 is affected.
Version 8.1 is affected.

Exploit Probability

EPSS

0.10%

Percentile

28.29%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2017-1301 is a vulnerability in IBM Spectrum ProtectPublished on October 5, 2017

Products Associated with CVE-2017-1301

Affected Versions

Exploit Probability

CVE-2017-1301 is a vulnerability in IBM Spectrum Protect
Published on October 5, 2017