Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spectrum_protect_plus vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2021-20536
IBM Spectrum Protect Plus File Systems Agent 10.1.6 and 10.1.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 198836.
Ibm Spectrum Protect Plus 10.1.6
Ibm Spectrum Protect Plus 10.1.7
NA
CVE-2023-47148
IBM Storage Protect Plus Server 10.1.0 up to and including 10.1.15.2 Admin Console could allow a remote malicious user to obtain sensitive information due to improper validation of unsecured endpoints which could be used in further attacks against the system. IBM X-Force ID: 2705...
Ibm Spectrum Protect Plus
490
VMScore
CVE-2021-39057
IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.8.x is vulnerable to server-side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other atta...
Ibm Spectrum Protect Plus
570
VMScore
CVE-2021-39063
IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an malicious user to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 21...
Ibm Spectrum Protect Plus
320
VMScore
CVE-2019-4652
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.4 uses insecure file permissions on restored files and directories in Windows which could allow a local user to obtain sensitive information or perform unauthorized actions. IBM X-Force ID: 170963.
Ibm Spectrum Protect Plus
445
VMScore
CVE-2020-5018
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 may include sensitive information in its URLs increasing the risk of such information being caputured by an attacker. IBM X-Force ID: 193654.
Ibm Spectrum Protect Plus
570
VMScore
CVE-2020-5019
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST head...
Ibm Spectrum Protect Plus
320
VMScore
CVE-2020-5021
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 does not invalidate session after a password reset which could allow a local user to impersonate another user on the system. IBM X-Force ID: 193657.
Ibm Spectrum Protect Plus
445
VMScore
CVE-2020-5022
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 may allow unauthenticated and unauthorized access to VDAP proxy which can result in an attacker obtaining information they are not authorized to access. IBM X-Force ID: 193658.
Ibm Spectrum Protect Plus
383
VMScore
CVE-2020-4496
The IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.8.x server connection to an IBM Spectrum Protect Plus workload agent is subject to a man-in-the-middle attack due to improper certificate validation. IBM X-Force ID: 182046.
Ibm Spectrum Protect Plus
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »