Vulnerability-Lookup

GHSA-5VH7-HCV2-H9GX

Vulnerability from github – Published: 2026-06-22 18:34 – Updated: 2026-06-22 18:34

Details

IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hardcoded credential in the FlashCopy Manager (FCM) authentication mechanism. The application contains a static credential embedded in multiple authentication code paths, and does not properly validate authentication responses, which may allow an unauthenticated attacker to establish a trusted session and access protected services. This vulnerability affects client components across multiple versions and may allow an attacker to impersonate legitimate clients, potentially leading to unauthorized access to system resources.

Severity

8.1 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-12628"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-798"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-22T16:16:34Z",
    "severity": "HIGH"
  },
  "details": "IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hardcoded credential in the FlashCopy Manager (FCM) authentication mechanism. The application contains a static credential embedded in multiple authentication code paths, and does not properly validate authentication responses, which may allow an unauthenticated attacker to establish a trusted session and access protected services. This vulnerability affects client components across multiple versions and may allow an attacker to impersonate legitimate clients, potentially leading to unauthorized access to system resources.",
  "id": "GHSA-5vh7-hcv2-h9gx",
  "modified": "2026-06-22T18:34:14Z",
  "published": "2026-06-22T18:34:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12628"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7277245"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2026-12628 (GCVE-0-2026-12628)

Vulnerability from cvelistv5 – Published: 2026-06-22 13:43 – Updated: 2026-06-25 13:46

Title

Hardcoded credential in the IBM Storage Protect Snapshot For Windows leads to unauthorized access to system

Summary

Severity

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-798 - Use of Hard-coded Credentials

Assigner

ibm

References

1 reference

URL	Tags
https://www.ibm.com/support/pages/node/7277245	vendor-advisorypatch

Impacted products

2 products

Vendor	Product	Version
IBM	Storage Protect Client	Affected: 8.1.0.0 , ≤ 8.2.1.0 (semver) cpe:2.3:a:ibm:storage_protect_client:8.1.0.0:::::::* cpe:2.3:a:ibm:storage_protect_client:8.2.1.0:::::::*
IBM	Storage Protect Snapshot For Windows	Affected: 8.1.0.0 , ≤ 8.2.1.0 (semver) cpe:2.3:a:ibm:storage_protect_snapshot_for_windows:8.1.0.0:::::::* cpe:2.3:a:ibm:storage_protect_snapshot_for_windows:8.2.1.0:::::::*

Credits

The vulnerability was reported to IBM by Pétur Eyþórsson and Cristie Nordic.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-12628",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T03:55:26.275060Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T13:46:45.963Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:storage_protect_client:8.1.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:storage_protect_client:8.2.1.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Storage Protect Client",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "8.2.1.0",
              "status": "affected",
              "version": "8.1.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:ibm:storage_protect_snapshot_for_windows:8.1.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:storage_protect_snapshot_for_windows:8.2.1.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Storage Protect Snapshot For Windows",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "8.2.1.0",
              "status": "affected",
              "version": "8.1.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "The vulnerability was reported to IBM by P\u00e9tur Ey\u00fe\u00f3rsson and Cristie Nordic."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hardcoded credential in the FlashCopy Manager (FCM) authentication mechanism. The application contains a static credential embedded in multiple authentication code paths, and does not properly validate authentication responses, which may allow an unauthenticated attacker to establish a trusted session and access protected services. This vulnerability affects client components across multiple versions and may allow an attacker to impersonate legitimate clients, potentially leading to unauthorized access to system resources.\u003c/p\u003e"
            }
          ],
          "value": "IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hardcoded credential in the FlashCopy Manager (FCM) authentication mechanism. The application contains a static credential embedded in multiple authentication code paths, and does not properly validate authentication responses, which may allow an unauthenticated attacker to establish a trusted session and access protected services. This vulnerability affects client components across multiple versions and may allow an attacker to impersonate legitimate clients, potentially leading to unauthorized access to system resources."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-23T18:52:31.455Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7277245"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eProduct\u003c/td\u003e\u003ctd\u003eFixing level\u003c/td\u003e\u003ctd\u003ePlatforms\u003c/td\u003e\u003ctd\u003eLink to fix and instructions\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Storage Protect Backup-Archive Client\u003c/td\u003e\u003ctd\u003e8.2.1.1\u003c/td\u003e\u003ctd\u003eWindows\u0026nbsp;\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/support/pages/node/7267111\" rel=\"nofollow\"\u003ehttps://www.ibm.com/support/pages/node/7267111\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003eCurrently, the vulnerability has been addressed on the Windows platform through an iFix release.\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA hardcoded password present in the source code of IBM Storage Protect Snapshot For Windows, which led to a security vulnerability, has been resolved in this release.\u003c/p\u003e\u003cp\u003eFor other platforms (AIX, HP-UX, Linux, Macintosh, and Solaris), the hardcoded password still exists in the code; however, it is not actively used and is only identified during static code scans. This issue has been assessed as low severity, and separate PVRs have been created to track it.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "IBM strongly recommends addressing the vulnerability now.\n\nProductFixing levelPlatformsLink to fix and instructionsIBM Storage Protect Backup-Archive Client8.2.1.1Windows\u00a0 https://www.ibm.com/support/pages/node/7267111 \n\n\n\nCurrently, the vulnerability has been addressed on the Windows platform through an iFix release.\n\n\n\n\n\nA hardcoded password present in the source code of IBM Storage Protect Snapshot For Windows, which led to a security vulnerability, has been resolved in this release.\n\n\n\nFor other platforms (AIX, HP-UX, Linux, Macintosh, and Solaris), the hardcoded password still exists in the code; however, it is not actively used and is only identified during static code scans. This issue has been assessed as low severity, and separate PVRs have been created to track it."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Hardcoded credential in the IBM Storage Protect Snapshot For Windows leads to unauthorized access to system",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eThe remaining PVRs for other platforms are classified with a low severity score and will be addressed in an upcoming release.\u003c/div\u003e"
            }
          ],
          "value": "The remaining PVRs for other platforms are classified with a low severity score and will be addressed in an upcoming release."
        }
      ],
      "x_generator": {
        "engine": "ibm-cvegen"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2026-12628",
    "datePublished": "2026-06-22T13:43:33.351Z",
    "dateReserved": "2026-06-18T15:18:16.795Z",
    "dateUpdated": "2026-06-25T13:46:45.963Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-5VH7-HCV2-H9GX

CVE-2026-12628 (GCVE-0-2026-12628)

Tags

Sightings

Nomenclature