240 matches found
CVE-2021-39065
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the Spectrum Copy Data Management Admin Console login and uploadcertificate function . A remote attacker could...
CVE-2021-39065
IBM Spectrum Copy Data Management 2.2.13 and earlier is affected by an input-validation vulnerability in the Admin Console login and uploadcertificate function that could enable remote command execution. The root cause is improper validation of user-supplied input, allowing an attacker to inject ...
CVE-2021-39064
IBM Spectrum Copy Data Management 2.2.13 and earlier has weak authentication and password rules and incorrectly handles default credentials for the Spectrum Copy Data Management Admin console. IBM X-Force ID: 214957...
CVE-2021-39064
CVE-2021-39064 affects IBM Spectrum Copy Data Management, specifically versions 2.2.13 and earlier. The root cause is weak authentication and password rules and incorrect handling of default credentials for the Spectrum Copy Data Management Admin console. The result is a potential security bypass...
CVE-2021-39058
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 214617...
CVE-2021-39058
CVE-2021-39058 affects IBM Spectrum Copy Data Management, listing weaker-than-expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Public sources (NVD entry) describe the affected product as IBM Spectrum Copy Data Management 2.2.13 and earlier. T...
CVE-2021-39054
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further...
CVE-2021-39053
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to obtain sensitive information, caused by the improper handling of requests for Spectrum Copy Data Management Admin Console. By sending a specially-crafted request, a remote attacker could exploit this vulnerabili...
CVE-2021-39053
Summary: CVE-2021-39053 affects IBM Spectrum Copy Data Management (2.2.13 and earlier). It allows a remote attacker to obtain sensitive information via improper handling of requests to the Spectrum Copy Data Management Admin Console. Affected versions: 2.2.13 and below. Root cause: improper handl...
CVE-2021-39052
IBM Spectrum Copy Data Management (version 2.2.13 and earlier) contains a remote authentication bypass that could allow an attacker to access the Spring Boot console without authorization. The issue is documented as CVE-2021-39052. Affected product details and impact are stated in the vulnerabili...
CVE-2021-39052
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the Spring Boot console without authorization. IBM X-Force ID: 214523...
CVE-2021-38947
CVE-2021-38947 affects IBM Spectrum Copy Data Management (2.2.13 and earlier). The root cause is the use of weaker-than-expected cryptographic algorithms, which could enable an attacker to decrypt highly sensitive information. The IBM security bulletin details broader vulnerabilities including cr...
CVE-2021-38947
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 211242...
PT-2021-22370 · Ibm · Ibm Spectrum Copy Data Management
Name of the Vulnerable Software and Affected Versions: IBM Spectrum Copy Data Management versions 2.2.13 and earlier Description: The issue is related to weak authentication and password rules, and incorrect handling of default credentials for the Spectrum Copy Data Management Admin console...
Security Bulletin: Vulnerabilities in XStream affect IBM Spectrum Copy Data Management
Summary Vulnerabilities in XStream, such as execution of arbitrary code, server-side request forgery, denial of service, bypassing security restrictions, and deletion of arbitrary files, may affect IBM Spectrum Copy Data Management. Vulnerability Details CVEID: CVE-2020-26217 DESCRIPTION: XStream...
Security Bulletin: Vulnerabilities in Jackson, jQuery, and Dom4j affect IBM Spectrum Copy Data Management
Summary Vulnerabilities in Jackson, jQuery, and Dom4j, such as execution of arbitrary code, cross-site scripting, and obtaining sensitive information, may affect IBM Spectrum Copy Data Management. Vulnerability Details CVEID: CVE-2020-24616 DESCRIPTION: FasterXML jackson-databind could allow a...
IBM Spectrum Copy Data Management 加密问题漏洞
IBM Spectrum Copy Data Management, an IBM company that modernizes, simplifies and automates data center copy management processes, is vulnerable to an encryption issue that stems from the fact that IBM Spectrum Copy Data Management uses a weaker-than-expected encryption algorithm, which could be...
IBM Spectrum Copy Data Management安全漏洞
IBM Spectrum Copy Data Management is an IBM company that modernizes, streamlines and automates data center copy management processes. IBM Spectrum Copy Data Management contains a security vulnerability that could be exploited by an attacker to convince a victim to visit a malicious website by...
IBM Spectrum Copy Data Management安全漏洞
IBM Spectrum Copy Data Management, an IBM company that modernizes, streamlines and automates data center copy management processes, has a security vulnerability that stems from improper handling of requests to the Spectrum Copy Data Management management console. An attacker could use the...
IBM Spectrum Copy Data Management加密问题漏洞
IBM Spectrum Copy Data Management, an IBM company that modernizes, streamlines and automates data center copy management processes, has a security vulnerability that stems from the use of a weaker-than-expected encryption algorithm, which could be exploited by an attacker to The vulnerability ste...