Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spectrum_protect_plus vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2021-20536
IBM Spectrum Protect Plus File Systems Agent 10.1.6 and 10.1.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 198836.
Ibm Spectrum Protect Plus 10.1.6
Ibm Spectrum Protect Plus 10.1.7
570
VMScore
CVE-2021-39063
IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an malicious user to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 21...
Ibm Spectrum Protect Plus
570
VMScore
CVE-2021-20432
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.7 uses Cross-Origin Resource Sharing (CORS) which could allow an malicious user to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Forc...
Ibm Spectrum Protect Plus
668
VMScore
CVE-2020-4854
IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 190454.
Ibm Spectrum Protect Plus
445
VMScore
CVE-2020-5018
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 may include sensitive information in its URLs increasing the risk of such information being caputured by an attacker. IBM X-Force ID: 193654.
Ibm Spectrum Protect Plus
570
VMScore
CVE-2020-5019
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST head...
Ibm Spectrum Protect Plus
320
VMScore
CVE-2020-5021
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 does not invalidate session after a password reset which could allow a local user to impersonate another user on the system. IBM X-Force ID: 193657.
Ibm Spectrum Protect Plus
445
VMScore
CVE-2020-5022
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 may allow unauthenticated and unauthorized access to VDAP proxy which can result in an attacker obtaining information they are not authorized to access. IBM X-Force ID: 193658.
Ibm Spectrum Protect Plus
169
VMScore
CVE-2020-4631
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to cause interruption of the service operations. IBM X-Force ID: 185372...
Ibm Spectrum Protect Plus
383
VMScore
CVE-2020-4783
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information u...
Ibm Spectrum Protect Plus
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »