Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm spectrum protect vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2018-2025
IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. IBM X-Force ID: 155551.
Ibm Spectrum Protect
Ibm Spectrum Protect For Virtual Environments
4 Github repositories
3.6
CVSSv2
CVE-2019-4652
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.4 uses insecure file permissions on restored files and directories in Windows which could allow a local user to obtain sensitive information or perform unauthorized actions. IBM X-Force ID: 170963.
Ibm Spectrum Protect Plus
3.6
CVSSv2
CVE-2019-4236
A IBM Spectrum Protect 7.l client backup or archive operation running for an HP-UX VxFS object is silently skipping Access Control List (ACL) entries from backup or archive if there are more than twelve ACL entries associated with the object in total. As a result, it could allow ...
Ibm Spectrum Protect
3.6
CVSSv2
CVE-2019-4140
IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) could allow a local user to replace existing databases by restoring old data. IBM X-Force ID: 158336.
Ibm Spectrum Protect
3.6
CVSSv2
CVE-2019-4093
IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and directories using IBM Spectrum Prootect Client Web User Interface on Windows that they should not have access to due to incorrect file permissions. IBM X-Force ID: 157981.
Ibm Spectrum Protect 8.1.7
3.6
CVSSv2
CVE-2017-1301
IBM Spectrum Protect 7.1 and 8.1 could allow a local malicious user to launch a symlink attack. IBM Spectrum Protect Backup-archive Client creates temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to va...
Ibm Tivoli Storage Manager 6.1.0
Ibm Tivoli Storage Manager 6.1.1
Ibm Tivoli Storage Manager 6.1.2
Ibm Tivoli Storage Manager 6.1.3
Ibm Tivoli Storage Manager 6.1.4
Ibm Tivoli Storage Manager 6.3.0.17
Ibm Tivoli Storage Manager 6.3.1
Ibm Tivoli Storage Manager 6.3.1.2
Ibm Tivoli Storage Manager 6.3.2.2
Ibm Tivoli Storage Manager 6.4.3
Ibm Tivoli Storage Manager 6.4.3.1
Ibm Tivoli Storage Manager 7.1
Ibm Tivoli Storage Manager 7.1..5.100
Ibm Tivoli Storage Manager 7.1.3.100
Ibm Tivoli Storage Manager 7.1.4
Ibm Tivoli Storage Manager 7.1.4.1
Ibm Tivoli Storage Manager 7.1.4.2
Ibm Tivoli Storage Manager 7.1.6.6
Ibm Tivoli Storage Manager 6.1.5
Ibm Tivoli Storage Manager 6.1.5.5
Ibm Tivoli Storage Manager 6.3
Ibm Tivoli Storage Manager 6.3.0.15
3.5
CVSSv2
CVE-2022-22348
IBM Spectrum Protect Operations Center 8.1.0.000 up to and including 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administrator could enter a link to a malicious URL that another administrator...
Ibm Spectrum Protect Operations Center
3.5
CVSSv2
CVE-2020-4406
IBM Spectrum Protect Client 8.1.7.0 up to and including 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 up to and including 8.1.9.1 (Linux), 8.1.9.0 up to and including 8.1.9.1 (AIX) web user interfaces could allow a...
Ibm Spectrum Protect Client
Ibm Spectrum Protect For Space Management
3.3
CVSSv2
CVE-2022-22496
While a user account for the IBM Spectrum Protect Server 8.1.0.000 up to and including 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force ID: 226942.
Ibm Spectrum Protect Server
2.9
CVSSv2
CVE-2019-4703
IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft SQL or Microsoft Exchange, could allow an attacker with intimate knowledge of the system to obtain highly sensitive information.
Ibm Spectrum Protect Plus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »