Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm spectrum protect plus vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-4711
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM...
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2020-4477
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 discloses highly sensitive information in plain text in the virgo log file which could be used in further attacks against the system. IBM X-Force ID: 181779.
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2020-4471
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow an unauthenticated malicious user to cause a denial of service or hijack DNS sessions by send a specially crafted HTTP command to the remote server. IBM X-Force ID: 181726.
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2020-4240
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request to overwrite or create arbitrary files on the system. IBM X-Force ID: 175417.
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2019-4385
IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect Plus Joblog. This can result in an attacker gaining access to sensitive information as well as vSnap. IBM X-Force ID: 162173.
Ibm Spectrum Protect Plus
6.2
CVSSv3
CVE-2021-20536
IBM Spectrum Protect Plus File Systems Agent 10.1.6 and 10.1.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 198836.
Ibm Spectrum Protect Plus 10.1.6
Ibm Spectrum Protect Plus 10.1.7
6.1
CVSSv3
CVE-2020-5020
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click ...
Ibm Spectrum Protect Plus
5.9
CVSSv3
CVE-2020-4497
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. An attacker could obtain information using main in the middle techniques....
Ibm Spectrum Protect Plus
5.9
CVSSv3
CVE-2022-40234
Versions of IBM Spectrum Protect Plus before 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. If this generated .crt file is shared, an attacker can obta...
Ibm Spectrum Protect Plus
5.9
CVSSv3
CVE-2020-4496
The IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.8.x server connection to an IBM Spectrum Protect Plus workload agent is subject to a man-in-the-middle attack due to improper certificate validation. IBM X-Force ID: 182046.
Ibm Spectrum Protect Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »