Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm spectrum protect plus vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2020-4470
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 Administrative Console could allow an authenticated malicious user to upload arbitrary files which could be execute arbitrary code on the vulnerable server. IBM X-Force ID: 181725.
Ibm Spectrum Protect Plus
4
CVSSv2
CVE-2020-4477
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 discloses highly sensitive information in plain text in the virgo log file which could be used in further attacks against the system. IBM X-Force ID: 181779.
Ibm Spectrum Protect Plus
NA
CVE-2020-4497
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. An attacker could obtain information using main in the middle techniques....
Ibm Spectrum Protect Plus
4.3
CVSSv2
CVE-2020-4565
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow an malicious user to obtain sensitive information due to insecure communications being used between the application and server. IBM X-Force ID: 183935.
Ibm Spectrum Protect Plus
9
CVSSv2
CVE-2020-4206
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote malicious user to execute arbitrary commands on the system in the context of root user, caused by improper validation of user-supplied input. IBM X-Force ID: 174966.
Ibm Spectrum Protect Plus
7.5
CVSSv2
CVE-2020-4208
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 1...
Ibm Spectrum Protect Plus
7.5
CVSSv2
CVE-2020-4216
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 1...
Ibm Spectrum Protect Plus
6
CVSSv2
CVE-2020-4703
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 Administrative Console could allow an authenticated malicious user to upload arbitrary files which could be execute arbitrary code on the vulnerable server. This vulnerability is due to an incomplete fix for CVE-2020-447...
Ibm Spectrum Protect Plus
4
CVSSv2
CVE-2020-4711
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM...
Ibm Spectrum Protect Plus
NA
CVE-2022-40608
IBM Spectrum Protect Plus 10.1.6 up to and including 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the ope...
Ibm Spectrum Protect Plus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »