Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm spectrum protect plus vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2019-4383
When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle or MongoDB databases, a redirected restore operation may result in an escalation of user privileges. IBM X-Force ID: 162165.
Ibm Spectrum Protect Plus 10.1.1
Ibm Spectrum Protect Plus 10.1.3
Ibm Spectrum Protect Plus 10.1.2
641
VMScore
CVE-2019-4357
When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle, DB2 or MongoDB databases, a redirected restore operation specifying a target path may allow execution of arbitrary code on the system. IBM X-Force ID: 161667,
Ibm Spectrum Protect Plus 10.1.1
Ibm Spectrum Protect Plus 10.1.3
Ibm Spectrum Protect Plus 10.1.2
187
VMScore
CVE-2018-1768
IBM Spectrum Protect Plus 10.1.0 and 10.1.1 could disclose sensitive information when an authorized user executes a test operation, the user id an password may be displayed in plain text within an instrumentation log file. IBM X-Force ID: 148622.
Ibm Spectrum Protect Plus 10.1.1
Ibm Spectrum Protect Plus 10.1.0
801
VMScore
CVE-2020-4241
IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote authenticated malicious user to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitr...
Ibm Spectrum Protect Plus
Ibm Spectrum Scale
801
VMScore
CVE-2020-4242
IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote authenticated malicious user to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitr...
Ibm Spectrum Protect Plus
Ibm Spectrum Scale
NA
CVE-2022-40234
Versions of IBM Spectrum Protect Plus before 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. If this generated .crt file is shared, an attacker can obta...
Ibm Spectrum Protect Plus
NA
CVE-2022-40608
IBM Spectrum Protect Plus 10.1.6 up to and including 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the ope...
Ibm Spectrum Protect Plus
NA
CVE-2020-4497
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. An attacker could obtain information using main in the middle techniques....
Ibm Spectrum Protect Plus
383
VMScore
CVE-2020-4565
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow an malicious user to obtain sensitive information due to insecure communications being used between the application and server. IBM X-Force ID: 183935.
Ibm Spectrum Protect Plus
187
VMScore
CVE-2019-4385
IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect Plus Joblog. This can result in an attacker gaining access to sensitive information as well as vSnap. IBM X-Force ID: 162173.
Ibm Spectrum Protect Plus
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »