Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm spectrum protect plus vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-4214
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote malicious user to arbitrary delete a directory caused by improper validation of user-supplied input. IBM X-Force ID: 175026.
Ibm Spectrum Protect Plus
5.5
CVSSv3
CVE-2020-4631
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to cause interruption of the service operations. IBM X-Force ID: 185372...
Ibm Spectrum Protect Plus
5.9
CVSSv3
CVE-2022-40234
Versions of IBM Spectrum Protect Plus before 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. If this generated .crt file is shared, an attacker can obta...
Ibm Spectrum Protect Plus
7.5
CVSSv3
CVE-2022-40608
IBM Spectrum Protect Plus 10.1.6 up to and including 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the ope...
Ibm Spectrum Protect Plus
7.5
CVSSv3
CVE-2022-22396
Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP credentials depending on the operation performed. Credentials that are usi...
Ibm Spectrum Protect Plus
5.5
CVSSv3
CVE-2021-20490
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.8 could allow a local user to cause a denial of service due to insecure file permission settings. IBM X-Force ID: 197791.
Ibm Spectrum Protect Plus
7.5
CVSSv3
CVE-2023-47148
IBM Storage Protect Plus Server 10.1.0 up to and including 10.1.15.2 Admin Console could allow a remote malicious user to obtain sensitive information due to improper validation of unsecured endpoints which could be used in further attacks against the system. IBM X-Force ID: 2705...
Ibm Spectrum Protect Plus
5.9
CVSSv3
CVE-2020-4565
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow an malicious user to obtain sensitive information due to insecure communications being used between the application and server. IBM X-Force ID: 183935.
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2021-20432
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.7 uses Cross-Origin Resource Sharing (CORS) which could allow an malicious user to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Forc...
Ibm Spectrum Protect Plus
7.5
CVSSv3
CVE-2021-29694
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.7 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 200258.
Ibm Spectrum Protect Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »