Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spectrum protect plus vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-4240
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.5 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request to overwrite or create arbitrary files on the system. IBM X-Force ID: 175417.
Ibm Spectrum Protect Plus
7.5
CVSSv3
CVE-2020-5023
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.7 could allow a remote user to inject arbitrary data iwhich could cause the serivce to crash due to excess resource consumption. IBM X-Force ID: 193659.
Ibm Spectrum Protect Plus
5.9
CVSSv3
CVE-2022-40234
Versions of IBM Spectrum Protect Plus before 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. If this generated .crt file is shared, an attacker can obta...
Ibm Spectrum Protect Plus
9.8
CVSSv3
CVE-2020-4222
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote malicious user to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175091.
Ibm Spectrum Protect
Ibm Spectrum Protect 10.1.5
9.8
CVSSv3
CVE-2020-4213
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote malicious user to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175024.
Ibm Spectrum Protect
Ibm Spectrum Protect 10.1.5
8.8
CVSSv3
CVE-2022-22472
IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 up to and including 10.1.10.2 for Kubernetes and 10.1.7 up to and including 10.1.10.2 for Red Hat OpenShift) could allow a remote malicious user to bypass IBM Spectrum Protect Plus role based access control restrictio...
Ibm Spectrum Protect Plus Container Backup And Restore
5.9
CVSSv3
CVE-2020-4496
The IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.8.x server connection to an IBM Spectrum Protect Plus workload agent is subject to a man-in-the-middle attack due to improper certificate validation. IBM X-Force ID: 182046.
Ibm Spectrum Protect Plus
5.5
CVSSv3
CVE-2020-5017
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 may allow a local user to obtain access to information beyond their intended role and permissions. IBM X-Force ID: 193653.
Ibm Spectrum Protect
7.5
CVSSv3
CVE-2021-29694
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.7 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 200258.
Ibm Spectrum Protect Plus
5.5
CVSSv3
CVE-2021-20490
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.8 could allow a local user to cause a denial of service due to insecure file permission settings. IBM X-Force ID: 197791.
Ibm Spectrum Protect Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »