11 matches found
Security Bulletin: Multiple vulnerabilities in IBM Spectrum Protect Plus (CVE-2020-4469, CVE-2020-4471, CVE-2020-4470)
Summary Multiple vulnerabilities in IBM Spectrum Protect Plus could allow a remote attacker to executive arbitrary code on the system, cause a denial or service, or hijack DNS sessions. Vulnerability Details CVEID: CVE-2020-4469 DESCRIPTION: IBM Spectrum Protect Plus could allow a remote attacker...
CVE-2020-4470
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. IBM X-Force ID: 181725...
CVE-2020-4471
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an unauthenticated attacker to cause a denial of service or hijack DNS sessions by send a specially crafted HTTP command to the remote server. IBM X-Force ID: 181726...
Security Bulletin: Denial of Service vulnerability in Linux Kernel affects IBM Spectrum Protect Plus (CVE-2020-12114)
Summary There is a denial of service vulnerability in the Linux Kernel that affects IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2020-12114 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a pivotroot race condition in fs/namespace.c. By corrupting a...
Security Bulletin: Vulnerability in MongoDB affects IBM Spectrum Protect Plus (CVE-2019-2389)
Summary A denial of service vulnerability in MongoDB affects IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-2389 DESCRIPTION: MongoDB Server is vulnerable to a denial of service, caused by a flaw in the SysV init scripts. By inserting a specially-crafted PID file, a remote...
IBM Spectrum Protect Plus Path Traversal Vulnerability
IBM Spectrum Protect Plus is a suite of data protection platforms from IBM USA. The platform provides organizations with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. A path traversal vulnerability exists in IB...
IBM Spectrum Protect Plus Authentication Bypass Vulnerability
IBM Spectrum Protect Plus is a suite of data protection platforms from IBM USA. The platform provides organizations with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. A security vulnerability exists in IBM...
CVE-2020-4208
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174975...
Security Bulletin: Directory Traversal vulnerabilities in IBM Spectrum Protect Plus (CVE-2020-4240, CVE-2020-4209)
Summary IBM Spectrum Protect Plus could allow a remote attacker to traverse directories on the system which can result in the creation of arbitrary files on the system or files being overwritten. Vulnerability Details CVEID: CVE-2020-4240 DESCRIPTION: IBM Spectrum Protect Plus could allow a remot...
IBM Spectrum Protect Plus Command Injection Vulnerability
IBM Spectrum Protect Plus is a suite of data protection platforms from IBM USA. The platform provides organizations with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. A command injection vulnerability exists in...
Security Bulletin: Vulnerabilities in Samba affect IBM Spectrum Protect Plus (CVE-2019-14833, CVE-2019-14847, CVE-2019-10218)
Summary Security vulnerabilities in Samba affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-14833 DESCRIPTION: A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new...