Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spectrum protect vulnerabilities and exploits
(subscribe to this query)
295
VMScore
CVE-2022-22496
While a user account for the IBM Spectrum Protect Server 8.1.0.000 up to and including 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force ID: 226942.
Ibm Spectrum Protect Server
490
VMScore
CVE-2021-39057
IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.8.x is vulnerable to server-side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other atta...
Ibm Spectrum Protect Plus
169
VMScore
CVE-2020-4631
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to cause interruption of the service operations. IBM X-Force ID: 185372...
Ibm Spectrum Protect Plus
890
VMScore
CVE-2020-4211
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote malicious user to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175022.
Ibm Spectrum Protect
Ibm Spectrum Protect 10.1.5
802
VMScore
CVE-2022-22394
The IBM Spectrum Protect 8.1.14.000 server could allow a remote malicious user to bypass security restrictions, caused by improper enforcement of access controls. By signing in, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrator or...
Ibm Spectrum Protect 8.1.14.100
187
VMScore
CVE-2016-2894
IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 up to and including 6.3 prior to 6.3.2.6, 6.4 prior to 6.4.3.3, and 7.1 prior to 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging previous us...
Ibm Tivoli Storage Manager 6.3.0.17
Ibm Tivoli Storage Manager 6.3.0.15
Ibm Tivoli Storage Manager 6.2.1
Ibm Tivoli Storage Manager 6.2.0
Ibm Tivoli Storage Manager 6.1.2
Ibm Tivoli Storage Manager 6.1.1
Ibm Tivoli Storage Manager 5.5.3
Ibm Tivoli Storage Manager 5.5.2
Ibm Tivoli Storage Manager 6.3.1
Ibm Tivoli Storage Manager 6.3.0.5
Ibm Tivoli Storage Manager 6.2.3
Ibm Tivoli Storage Manager 6.2.2
Ibm Tivoli Storage Manager 6.1.5
Ibm Tivoli Storage Manager 6.1.4
Ibm Tivoli Storage Manager 6.1.3
Ibm Tivoli Storage Manager 5.5.4.1
Ibm Tivoli Storage Manager 5.5.4
Ibm Tivoli Storage Manager 6.3.0
Ibm Tivoli Storage Manager 6.3
Ibm Tivoli Storage Manager 6.2
Ibm Tivoli Storage Manager 6.1.5.6
Ibm Tivoli Storage Manager 6.1.0
409
VMScore
CVE-2016-2988
IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.4.x prior to 6.4.3.4 and 7.1.x prior to 7.1.6 allows remote authenticated users to bypass a TSM credential requirement and obtain administrative access...
Ibm Tivoli Storage Manager For Virtual Environments 7.1
Ibm Tivoli Storage Manager For Virtual Environments 6.4
890
VMScore
CVE-2020-4210
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote malicious user to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175020.
Ibm Spectrum Protect
Ibm Spectrum Protect 10.1.5
890
VMScore
CVE-2020-4212
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote malicious user to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175023.
Ibm Spectrum Protect
Ibm Spectrum Protect 10.1.5
231
VMScore
CVE-2015-7408
The server in IBM Spectrum Protect (aka Tivoli Storage Manager) 5.5 and 6.x prior to 6.3.5.1 and 7.x prior to 7.1.4 does not properly restrict use of the ASNODENAME option, which allows remote malicious users to read or write to backup data by leveraging proxy authority.
Ibm Tivoli Storage Manager 6.3.4.0
Ibm Tivoli Storage Manager 6.3.3.0
Ibm Tivoli Storage Manager 7.1.0.3
Ibm Tivoli Storage Manager 7.1.0.2
Ibm Tivoli Storage Manager 7.1.0.1
Ibm Tivoli Storage Manager 5.5.0.0
Ibm Tivoli Storage Manager 6.2.0.0
Ibm Tivoli Storage Manager 7.1.0.0
Ibm Tivoli Storage Manager 6.1.0.0
Ibm Tivoli Storage Manager 6.3.5.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »