Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm spectrum protect plus vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2019-4357
When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle, DB2 or MongoDB databases, a redirected restore operation specifying a target path may allow execution of arbitrary code on the system. IBM X-Force ID: 161667,
Ibm Spectrum Protect Plus 10.1.1
Ibm Spectrum Protect Plus 10.1.3
Ibm Spectrum Protect Plus 10.1.2
6.7
CVSSv3
CVE-2019-4383
When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle or MongoDB databases, a redirected restore operation may result in an escalation of user privileges. IBM X-Force ID: 162165.
Ibm Spectrum Protect Plus 10.1.1
Ibm Spectrum Protect Plus 10.1.3
Ibm Spectrum Protect Plus 10.1.2
7.8
CVSSv3
CVE-2018-1768
IBM Spectrum Protect Plus 10.1.0 and 10.1.1 could disclose sensitive information when an authorized user executes a test operation, the user id an password may be displayed in plain text within an instrumentation log file. IBM X-Force ID: 148622.
Ibm Spectrum Protect Plus 10.1.1
Ibm Spectrum Protect Plus 10.1.0
8.8
CVSSv3
CVE-2020-4241
IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote authenticated malicious user to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitr...
Ibm Spectrum Protect Plus
Ibm Spectrum Scale
8.8
CVSSv3
CVE-2020-4242
IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote authenticated malicious user to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitr...
Ibm Spectrum Protect Plus
Ibm Spectrum Scale
7.5
CVSSv3
CVE-2022-40608
IBM Spectrum Protect Plus 10.1.6 up to and including 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the ope...
Ibm Spectrum Protect Plus
5.9
CVSSv3
CVE-2022-40234
Versions of IBM Spectrum Protect Plus before 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. If this generated .crt file is shared, an attacker can obta...
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2020-4711
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM...
Ibm Spectrum Protect Plus
7.5
CVSSv3
CVE-2020-4214
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote malicious user to arbitrary delete a directory caused by improper validation of user-supplied input. IBM X-Force ID: 175026.
Ibm Spectrum Protect Plus
9.8
CVSSv3
CVE-2020-4216
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 1...
Ibm Spectrum Protect Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »