Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spectrum protect plus vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2020-4470
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 Administrative Console could allow an authenticated malicious user to upload arbitrary files which could be execute arbitrary code on the vulnerable server. IBM X-Force ID: 181725.
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2020-4471
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow an unauthenticated malicious user to cause a denial of service or hijack DNS sessions by send a specially crafted HTTP command to the remote server. IBM X-Force ID: 181726.
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2020-4477
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 discloses highly sensitive information in plain text in the virgo log file which could be used in further attacks against the system. IBM X-Force ID: 181779.
Ibm Spectrum Protect Plus
5.9
CVSSv3
CVE-2020-4497
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. An attacker could obtain information using main in the middle techniques....
Ibm Spectrum Protect Plus
5.9
CVSSv3
CVE-2020-4565
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow an malicious user to obtain sensitive information due to insecure communications being used between the application and server. IBM X-Force ID: 183935.
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2020-4240
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request to overwrite or create arbitrary files on the system. IBM X-Force ID: 175417.
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2019-4385
IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect Plus Joblog. This can result in an attacker gaining access to sensitive information as well as vSnap. IBM X-Force ID: 162173.
Ibm Spectrum Protect Plus
5.3
CVSSv3
CVE-2019-4703
IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft SQL or Microsoft Exchange, could allow an attacker with intimate knowledge of the system to obtain highly sensitive information.
Ibm Spectrum Protect Plus
9.8
CVSSv3
CVE-2020-4469
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote malicious user to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. This vulner...
Ibm Spectrum Protect Plus
8
CVSSv3
CVE-2020-4703
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 Administrative Console could allow an authenticated malicious user to upload arbitrary files which could be execute arbitrary code on the vulnerable server. This vulnerability is due to an incomplete fix for CVE-2020-447...
Ibm Spectrum Protect Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »