Security Bulletin: IBM Spectrum Protect Server may not count invalid sign-on attempts from Operations Center (CVE-2022-22485)

Summary The IBM Spectrum Protect Server, in certain instances, may not increment the number of invalid sign-on attempts from Operations Center. This could allow an attacker to use brute force techniques to gain access to the IBM Spectrum Protect Server. Vulnerability Details CVEID:CVE-2022-22485...

IBM Spectrum Protect Server 安全漏洞

IBM Spectrum Protect Server is a spectrum protection system from IBM USA. Provides total data resilience for physical file servers, virtual environments and a wide range of applications. A security vulnerability exists in IBM Spectrum Protect Server versions 8.1.0.000 through 8.1.14.000 that...

CVE-2022-22487

An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techniques to gain...

IBM Spectrum Protect Operations Center 安全漏洞

IBM Spectrum Protect Operations Center is a software from IBM USA that provides visual control for the IBM Spectrum Protect environment. IBM Spectrum Protect Operations Center versions 8.1.0.000 through 8.1.14 versions contain an information disclosure vulnerability that can be exploited by an...

IBM Spectrum Protect Server 安全特征问题漏洞

IBM Spectrum Protect Server is a spectrum protection system from IBM USA, Inc. providing comprehensive data resiliency for physical file servers, virtual environments, and a wide range of applications.IBM Spectrum Protect Server versions 8.1.0.000 through 8.1.14 have a security feature issue...

CVE-2022-22487

An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techniques to gain...

CVE-2022-22346

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 220048...

CVE-2022-22348

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once...

CVE-2022-22346

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 220048...

Security Bulletin: Vulnerabilities in IBM Db2 affect IBM Spectrum Protect Server (CVE-2020-5024, CVE-2020-5025, CVE-2020-4976)

Summary The IBM Spectrum Protect Server is affected by IBM Db2 vulnerabilities such as denial of service, buffer overflow, and weak file permissions. Vulnerability Details CVEID: CVE-2020-5024 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, 11.1, and...