Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm spectrum protect server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-22487
An IBM Spectrum Protect storage agent could allow a remote malicious user to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techn...
Ibm Spectrum Protect Server
9.8
CVSSv3
CVE-2022-22485
In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 up to and including 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vu...
Ibm Spectrum Protect Operations Center
9.8
CVSSv3
CVE-2020-4415
IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote malicious user to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectru...
Ibm Spectrum Protect
9.8
CVSSv3
CVE-2019-4087
IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifically crafted communication exchanges. By sending an overly long request, a remote a...
Ibm Spectrum Protect Operations Center
9.8
CVSSv3
CVE-2016-8937
The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. An attacker could gain user or administrative access to the TSM server. IBM X-Forc...
Ibm Tivoli Storage Manager 6.1.2
Ibm Tivoli Storage Manager 6.1.3
Ibm Tivoli Storage Manager 6.1.4
Ibm Tivoli Storage Manager 6.1.5
Ibm Tivoli Storage Manager 6.3.1
Ibm Tivoli Storage Manager 6.3.1.2
Ibm Tivoli Storage Manager 6.3.2.2
Ibm Tivoli Storage Manager 6.3.3
Ibm Tivoli Storage Manager 6.4.3.1
Ibm Tivoli Storage Manager 7.1
Ibm Tivoli Storage Manager 7.1..5.100
Ibm Tivoli Storage Manager 7.1.0.1
Ibm Tivoli Storage Manager 7.1.4
Ibm Tivoli Storage Manager 7.1.4.1
Ibm Tivoli Storage Manager 7.1.4.2
Ibm Tivoli Storage Manager 7.1.5
Ibm Tivoli Storage Manager 6.1.0
Ibm Tivoli Storage Manager 6.1.5.5
Ibm Tivoli Storage Manager 6.2.0
Ibm Tivoli Storage Manager 6.3
Ibm Tivoli Storage Manager 6.3.0.15
Ibm Tivoli Storage Manager 6.3.5
8.8
CVSSv3
CVE-2022-22472
IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 up to and including 10.1.10.2 for Kubernetes and 10.1.7 up to and including 10.1.10.2 for Red Hat OpenShift) could allow a remote malicious user to bypass IBM Spectrum Protect Plus role based access control restrictio...
Ibm Spectrum Protect Plus Container Backup And Restore
8.8
CVSSv3
CVE-2022-22394
The IBM Spectrum Protect 8.1.14.000 server could allow a remote malicious user to bypass security restrictions, caused by improper enforcement of access controls. By signing in, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrator or...
Ibm Spectrum Protect 8.1.14.100
8.1
CVSSv3
CVE-2021-39057
IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.8.x is vulnerable to server-side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other atta...
Ibm Spectrum Protect Plus
8
CVSSv3
CVE-2020-4703
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 Administrative Console could allow an authenticated malicious user to upload arbitrary files which could be execute arbitrary code on the vulnerable server. This vulnerability is due to an incomplete fix for CVE-2020-447...
Ibm Spectrum Protect Plus
8
CVSSv3
CVE-2020-4470
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 Administrative Console could allow an authenticated malicious user to upload arbitrary files which could be execute arbitrary code on the vulnerable server. IBM X-Force ID: 181725.
Ibm Spectrum Protect Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »