Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spectrum protect vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2020-4471
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow an unauthenticated malicious user to cause a denial of service or hijack DNS sessions by send a specially crafted HTTP command to the remote server. IBM X-Force ID: 181726.
Ibm Spectrum Protect Plus
4
CVSSv2
CVE-2020-4477
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 discloses highly sensitive information in plain text in the virgo log file which could be used in further attacks against the system. IBM X-Force ID: 181779.
Ibm Spectrum Protect Plus
NA
CVE-2020-4497
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. An attacker could obtain information using main in the middle techniques....
Ibm Spectrum Protect Plus
4.3
CVSSv2
CVE-2020-4565
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow an malicious user to obtain sensitive information due to insecure communications being used between the application and server. IBM X-Force ID: 183935.
Ibm Spectrum Protect Plus
6
CVSSv2
CVE-2020-4703
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 Administrative Console could allow an authenticated malicious user to upload arbitrary files which could be execute arbitrary code on the vulnerable server. This vulnerability is due to an incomplete fix for CVE-2020-447...
Ibm Spectrum Protect Plus
4
CVSSv2
CVE-2020-4711
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM...
Ibm Spectrum Protect Plus
2.1
CVSSv2
CVE-2018-1788
IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace logs to a local privileged user. IBM X-Force ID: 148873.
Ibm Spectrum Protect Server
5
CVSSv2
CVE-2022-22474
IBM Spectrum Protect 8.1.0.0 up to and including 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations. IBM X-Force ID: 225348.
Ibm Spectrum Protect Client
2.1
CVSSv2
CVE-2019-4385
IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect Plus Joblog. This can result in an attacker gaining access to sensitive information as well as vSnap. IBM X-Force ID: 162173.
Ibm Spectrum Protect Plus
2.9
CVSSv2
CVE-2019-4703
IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft SQL or Microsoft Exchange, could allow an attacker with intimate knowledge of the system to obtain highly sensitive information.
Ibm Spectrum Protect Plus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »