Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Spectrum_protect
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 18 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-05-17 | CVE-2022-22484 | IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322. | Spectrum_protect | 5.5 | ||
| 2023-05-12 | CVE-2023-27863 | IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325. | Spectrum_protect | 4.9 | ||
| 2019-07-02 | CVE-2019-4140 | IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) could allow a local user to replace existing databases by restoring old data. IBM X-Force ID: 158336. | Spectrum_protect | 7.1 | ||
| 2019-07-22 | CVE-2019-4267 | The IBM Spectrum Protect 7.1 and 8.1 Backup-Archive Client is vulnerable to a buffer overflow. This could allow execution of arbitrary code on the local system or the application to crash. IBM X-Force ID: 160200. | Spectrum_protect | 7.8 | ||
| 2019-07-22 | CVE-2019-4236 | A IBM Spectrum Protect 7.l client backup or archive operation running for an HP-UX VxFS object is silently skipping Access Control List (ACL) entries from backup or archive if there are more than twelve ACL entries associated with the object in total. As a result, it could allow a local attacker to restore or retrieve the object with incorrect ACL entries. IBM X-Force ID: 159418. | Spectrum_protect | 4.4 | ||
| 2019-11-25 | CVE-2018-2025 | IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. IBM X-Force ID: 155551. | Spectrum_protect, Spectrum_protect_for_virtual_environments | N/A | ||
| 2019-04-02 | CVE-2019-4093 | IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and directories using IBM Spectrum Prootect Client Web User Interface on Windows that they should not have access to due to incorrect file permissions. IBM X-Force ID: 157981. | Spectrum_protect | N/A | ||
| 2018-11-12 | CVE-2018-1786 | IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871. | Spectrum_protect, Spectrum_protect_for_virtual_environments_data_protection_for_hyper\-V, Spectrum_protect_manager_for_virtual_environments_data_protection_for_vmware, Tivoli_storage_manager, Tivoli_storage_manager_for_virtual_environments_data_protection_for_hyper\-V, Tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware | 7.5 |