Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spectrum protect plus vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2019-4385
IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect Plus Joblog. This can result in an attacker gaining access to sensitive information as well as vSnap. IBM X-Force ID: 162173.
Ibm Spectrum Protect Plus
2.9
CVSSv2
CVE-2019-4703
IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft SQL or Microsoft Exchange, could allow an attacker with intimate knowledge of the system to obtain highly sensitive information.
Ibm Spectrum Protect Plus
10
CVSSv2
CVE-2020-4469
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote malicious user to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. This vulner...
Ibm Spectrum Protect Plus
4
CVSSv2
CVE-2020-4711
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM...
Ibm Spectrum Protect Plus
5
CVSSv2
CVE-2020-5023
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.7 could allow a remote user to inject arbitrary data iwhich could cause the serivce to crash due to excess resource consumption. IBM X-Force ID: 193659.
Ibm Spectrum Protect Plus
9
CVSSv2
CVE-2020-4206
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote malicious user to execute arbitrary commands on the system in the context of root user, caused by improper validation of user-supplied input. IBM X-Force ID: 174966.
Ibm Spectrum Protect Plus
7.5
CVSSv2
CVE-2020-4208
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 1...
Ibm Spectrum Protect Plus
6.4
CVSSv2
CVE-2020-4214
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote malicious user to arbitrary delete a directory caused by improper validation of user-supplied input. IBM X-Force ID: 175026.
Ibm Spectrum Protect Plus
7.5
CVSSv2
CVE-2020-4216
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 1...
Ibm Spectrum Protect Plus
6
CVSSv2
CVE-2020-4470
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 Administrative Console could allow an authenticated malicious user to upload arbitrary files which could be execute arbitrary code on the vulnerable server. IBM X-Force ID: 181725.
Ibm Spectrum Protect Plus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »