Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Spectrum_protect_client
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 9 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-06-15 | CVE-2020-4406 | IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the... | Spectrum_protect_client, Spectrum_protect_for_space_management | 5.4 | ||
| 2020-06-15 | CVE-2020-4494 | IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication due to improper session validation which can result in access to unauthorized resources. IBM X-Force ID: 182019. | Spectrum_protect_client, Spectrum_protect_for_space_management | 7.5 | ||
| 2021-04-26 | CVE-2021-20546 | IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and cause the application to crash. IBM X-Force ID: 198934 | Spectrum_protect_client, Spectrum_protect_for_space_management | 5.5 | ||
| 2021-04-26 | CVE-2021-29672 | IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. A local attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the application to crash. IBM X-Force ID: 199479 | Spectrum_protect_client, Spectrum_protect_for_space_management | 7.8 | ||
| 2022-06-30 | CVE-2022-22474 | IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations. IBM X-Force ID: 225348. | Spectrum_protect_client | 7.5 | ||
| 2022-06-30 | CVE-2022-22478 | IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886. | Spectrum_protect_client | 5.5 | ||
| 2023-07-19 | CVE-2023-33832 | IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012. | Spectrum_protect_client, Spectrum_protect_for_space_management, Spectrum_protect_for_virtual_environments | 4.7 | ||
| 2018-09-26 | CVE-2018-1545 | IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 142649. | Spectrum_protect_client, Spectrum_protect_for_virtual_environments | 7.5 | ||
| 2018-09-26 | CVE-2018-1785 | IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870. | Spectrum_protect_client, Spectrum_protect_for_virtual_environments | 7.5 |