Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm spectrum copy data management vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-22354
IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 up to and including 2.2.14.3 do not limit the length of a connection which could allow for a Slowloris HTTP denial of service attack to take place. This can cause the Adm...
Ibm Spectrum Copy Data Management
Ibm Spectrum Protect Plus
4.5
CVSSv3
CVE-2022-30610
IBM Spectrum Copy Data Management 2.2.0.0 up to and including 2.2.15.0 is vulnerable to reverse tabnabbing where it could allow a page linked to from within IBM Spectrum Copy Data Management to rewrite it. An administrator could enter a link to a malicious URL that another admini...
Ibm Spectrum Copy Data Management
5.3
CVSSv3
CVE-2022-31769
IBM Spectrum Copy Data Management 2.2.0.0 up to and including 2.2.15.0 could allow a remote malicious user to view product configuration information stored in PostgreSQL, which could be used in further attacks against the system. IBM X-Force ID: 228219.
Ibm Spectrum Copy Data Management
5.4
CVSSv3
CVE-2022-30611
IBM Spectrum Copy Data Management 2.2.0.0 up to and including 2.2.15.0 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using some fields of the form in the portal UI to inject maliciou...
Ibm Spectrum Copy Data Management
6.5
CVSSv3
CVE-2021-39051
IBM Spectrum Copy Data Management 2.2.0.0 up to and including 2.2.14.3 is vulnerable to server-side request forgery, caused by improper input of application server registration function. A remote attacker could exploit this vulnerability using the host address and port fields of ...
Ibm Spectrum Copy Data Management
9.8
CVSSv3
CVE-2021-39052
IBM Spectrum Copy Data Management 2.2.13 and previous versions could allow a remote malicious user to access the Spring Boot console without authorization. IBM X-Force ID: 214523.
Ibm Spectrum Copy Data Management
5.4
CVSSv3
CVE-2021-39054
IBM Spectrum Copy Data Management 2.2.13 and previous versions could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's cli...
Ibm Spectrum Copy Data Management
5.4
CVSSv3
CVE-2021-39055
IBM Spectrum Copy Data Management 2.2.0.0 up to and including 2.2.14.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wi...
Ibm Spectrum Copy Data Management
7.5
CVSSv3
CVE-2021-39058
IBM Spectrum Copy Data Management 2.2.13 and previous versions uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 214617.
Ibm Spectrum Copy Data Management
7.5
CVSSv3
CVE-2021-39064
IBM Spectrum Copy Data Management 2.2.13 and previous versions has weak authentication and password rules and incorrectly handles default credentials for the Spectrum Copy Data Management Admin console. IBM X-Force ID: 214957.
Ibm Spectrum Copy Data Management
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »