Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm spectrum protect vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-22487
An IBM Spectrum Protect storage agent could allow a remote malicious user to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techn...
Ibm Spectrum Protect Server
5.3
CVSSv3
CVE-2022-22494
IBM Spectrum Protect Operations Center 8.1.0.000 up to and including 8.1.14 could allow a remote malicious user to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attacks. IBM X-For...
Ibm Spectrum Protect Operations Center
6.5
CVSSv3
CVE-2022-22496
While a user account for the IBM Spectrum Protect Server 8.1.0.000 up to and including 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force ID: 226942.
Ibm Spectrum Protect Server
9.8
CVSSv3
CVE-2022-22485
In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 up to and including 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vu...
Ibm Spectrum Protect Operations Center
7.5
CVSSv3
CVE-2022-22396
Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP credentials depending on the operation performed. Credentials that are usi...
Ibm Spectrum Protect Plus
5.5
CVSSv3
CVE-2022-22484
IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local malicious user to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an at...
Ibm Spectrum Protect
8.8
CVSSv3
CVE-2022-22394
The IBM Spectrum Protect 8.1.14.000 server could allow a remote malicious user to bypass security restrictions, caused by improper enforcement of access controls. By signing in, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrator or...
Ibm Spectrum Protect 8.1.14.100
7.5
CVSSv3
CVE-2022-22354
IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 up to and including 2.2.14.3 do not limit the length of a connection which could allow for a Slowloris HTTP denial of service attack to take place. This can cause the Adm...
Ibm Spectrum Copy Data Management
Ibm Spectrum Protect Plus
8.8
CVSSv3
CVE-2022-22346
IBM Spectrum Protect Operations Center 8.1.0.000 up to and including 8.1.13.xxx is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 220048.
Ibm Spectrum Protect Operations Center
2.4
CVSSv3
CVE-2022-22348
IBM Spectrum Protect Operations Center 8.1.0.000 up to and including 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administrator could enter a link to a malicious URL that another administrator...
Ibm Spectrum Protect Operations Center
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »