Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spectrum protect plus vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-5018
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 may include sensitive information in its URLs increasing the risk of such information being caputured by an attacker. IBM X-Force ID: 193654.
Ibm Spectrum Protect Plus
2.1
CVSSv2
CVE-2021-20536
IBM Spectrum Protect Plus File Systems Agent 10.1.6 and 10.1.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 198836.
Ibm Spectrum Protect Plus 10.1.6
Ibm Spectrum Protect Plus 10.1.7
NA
CVE-2023-27863
IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325.
Ibm Spectrum Protect 10.1.13
3.6
CVSSv2
CVE-2020-5021
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 does not invalidate session after a password reset which could allow a local user to impersonate another user on the system. IBM X-Force ID: 193657.
Ibm Spectrum Protect Plus
5
CVSSv2
CVE-2022-22354
IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 up to and including 2.2.14.3 do not limit the length of a connection which could allow for a Slowloris HTTP denial of service attack to take place. This can cause the Adm...
Ibm Spectrum Copy Data Management
Ibm Spectrum Protect Plus
5
CVSSv2
CVE-2020-5022
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 may allow unauthenticated and unauthorized access to VDAP proxy which can result in an attacker obtaining information they are not authorized to access. IBM X-Force ID: 193658.
Ibm Spectrum Protect Plus
3.6
CVSSv2
CVE-2019-4652
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.4 uses insecure file permissions on restored files and directories in Windows which could allow a local user to obtain sensitive information or perform unauthorized actions. IBM X-Force ID: 170963.
Ibm Spectrum Protect Plus
7.5
CVSSv2
CVE-2020-4854
IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 190454.
Ibm Spectrum Protect Plus
6.4
CVSSv2
CVE-2021-39063
IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an malicious user to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 21...
Ibm Spectrum Protect Plus
5.5
CVSSv2
CVE-2020-4209
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to create arbitrary files on the system. I...
Ibm Spectrum Protect Plus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »