High severity7.5NVD Advisory· Published Sep 19, 2022· Updated Jun 17, 2026
CVE-2022-40608
CVE-2022-40608
Description
IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the operator should not have access to. IBM X-Force ID: 235873.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 10.1.6 - 10.1.11
- Range: 10.1.6
Patches
Vulnerability mechanics
References
2- exchange.xforce.ibmcloud.com/vulnerabilities/235873nvdVDB EntryVendor Advisory
- www.ibm.com/support/pages/node/6620209nvdVendor Advisory
News mentions
0No linked articles in our index yet.