PT-2024-10544 · Ibm · Storage Protect Backup-Archive Client +1

Name of the Vulnerable Software and Affected Versions: IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client versions 8.1.0.0 through 8.1.23.0 Description: The issue is related to the use of weaker than expected cryptographic algorithms...

CVE-2023-35897

IBM Storage Protect Backup-Archive Client and IBM Storage Protect for Virtual Environments (Data Protection for VMware/Hyper-V) versions 8.1.0.0–8.1.19.0 are affected by a DLL hijacking flaw that could allow a local user to execute arbitrary code via a specially crafted file. The issue impacts Wi...

CVE-2023-40368 IBM Storage Protect information disclosure

IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive information from the administrative command line client. IBM X-Force ID: 263456...

PT-2023-27415 · Ibm · Ibm Storage Protect

Name of the Vulnerable Software and Affected Versions: IBM Storage Protect versions 8.1.0.0 through 8.1.19.0 Description: The issue allows a privileged user to obtain sensitive information from the administrative command line client. Recommendations: For versions 8.1.0.0 through 8.1.19.0, conside...

IBM Storage Scale Security Vulnerability

IBM Storage Scale is a storage solution from International Business Machines IBM designed to help organizations efficiently manage and scale storage resources to meet growing data storage needs. A security vulnerability exists in IBM Storage Protect versions 8.1.0.0 through 8.1.19.0, which stems...

Denial of service

IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012...

CVE-2023-33832

The CVE-2023-33832 issue affects IBM Storage Protect family: Storage Protect Client, Storage Protect for Virtual Environments, and Storage Protect for Space Management (versions 8.1.0.0–8.1.17.0). Root cause is improper time-of-check to time-of-use, enabling a local user to cause a denial of serv...

CVE-2023-33832 IBM Storage Protect denial of service

IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012...

PT-2023-24510 · Ibm · Ibm Spectrum Protect

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Protect versions 8.1.0.0 through 8.1.17.0 Description: The issue is due to improper time-of-check to time-of-use functionality, which could allow a local user to cause a denial of service. Recommendations: For versions 8.1.0.0...

IBM Spectrum Protect Backup-Archive Client 安全漏洞

IBM Spectrum Protect Backup-Archive Client is a set of client programs for IBM Spectrum Protect file backup, archiving from International Business Machines IBM. An Access Control Error vulnerability exists in IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2, which stems from...

PT-2023-22051 · Ibm · Ibm Spectrum Protect Backup-Archive Client

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Protect Backup-Archive Client versions 8.1.0.0 through 8.1.17.2 Description: The issue allows a local user to escalate their privileges due to improper access controls. Recommendations: For versions 8.1.0.0 through 8.1.17.2, upda...

Security Bulletin: Vulnerabilites in OpenSSL may affect IBM Spectrum Protect Backup-Archive Client (CVE-2022-4450, CVE-2023-0216, CVE-2023-0401, CVE-2022-4203, CVE-2023-0217)

Summary IBM Spectrum Protect Backup-Archive Client can be affected by vulnerabilities in OpenSSL. Vulnerabilities include disclosure of sensitive information and denial of service, as described by the CVEs in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2022-4450...

Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty, FasterXML jackson-databind, and Zlib affect IBM Spectrum Protect for Virtual Environments (CVE-2022-34165, CVE-2022-42003, CVE-2022-42004, CVE-2018-25032)

Summary IBM Spectrum Protect for Virtual Environments Data Protection for Hyper-V and Data Protection for VMware can be affected by vulnerabilities in IBM WebSphere Application Server Liberty, FasterXML jackson-databind, and Zlib. Vulnerabilities include HTTP header injection and denial of servic...

CVE-2022-22474

IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations. IBM X-Force ID: 225348...

CVE-2022-22478

IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886...

CVE-2021-20532

IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. IBM X-Force ID: 198811...

CVE-2021-20532

IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. IBM X-Force ID: 198811...

Stack overflow

IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and cause the application to crash. IBM X-Force ID: 198934...

CVE-2021-20546

CVE-2021-20546 affects IBM Spectrum Protect Client versions 8.1.0.0 through 8.1.11.0, where a stack-based buffer overflow can be triggered by improper bounds checking when processing locale/current language environment settings. This local vulnerability can cause the client to crash and may allow...

IBM Spectrum Protect Access Control Error Vulnerability

IBM Spectrum Protect formerly known as Tivoli Storage Manager is a suite of data protection platforms from IBM in the United States. The platform provides organizations with a single point of control and management, and supports backup and recovery for virtual, physical and cloud environments of...