Lucene search
K

176 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/03/03 5:55 a.m.42 views

Security Bulletin: IBM Spectrum Control is vulnerable to weakness related to dom4j

Summary Vulnerability in dom4j allows remote attacker to execute arbitrary code on the system may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation...

7.5CVSS7.8AI score0.0657EPSS
Exploits1Affected Software1
Prion
Prion
added 2022/12/20 9:15 p.m.29 views

Code injection

IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982...

5CVSS7.4AI score0.00275EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/20 8:31 p.m.9 views

CVE-2022-38391 IBM Spectrum Control information disclosure

IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982...

5.1CVSS6.4AI score0.00275EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/12/20 12:0 a.m.4 views

IBM Spectrum Control 加密问题漏洞

IBM Spectrum Control formerly known as Tivoli Storage Productivity Center is a suite of storage resource management software from International Business Machines IBM. The software provides monitoring, automation and analysis for multiple storage systems. IBM Spectrum Control version 5.4 suffers...

7.5CVSS6.6AI score0.00275EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/15 10:49 a.m.25 views

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Spectrum Control

Summary Vulnerabilities in IBM Java SDK could allow an unauthenticated attacker to cause a denial of service may impact the availability of Spectrum Control Product. Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by a flaw in the...

5.3CVSS5.4AI score0.02376EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/15 10:43 a.m.35 views

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Node [CVE-2022-39353]

Summary Vulnerabilities in xmldom module may compromise the authentication mechanism of the Spectrum Control Product. CVE-2022-39353 This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2022-39353 DESCRIPTION: Node.js xmldom module could allow a remote attacker to bypass securit...

9.8CVSS9.3AI score0.01182EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 7:3 a.m.67 views

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related Java SE and Node

Summary Vulnerabilities in Node and Java SE such as HTTP request smuggling, execution of arbitrary code, gain elevated privileges on the system and unauthorized operations may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2022-32214 DESCRIPTION: Node.js is vulnerable to HTTP reques...

8.1CVSS8.3AI score0.81464EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/18 7:27 a.m.102 views

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to IBM WebSphere Application Server Liberty and OpenSSL (CVE-2022-2068, CVE-2022-2097, CVE-2022-22475)

Summary Vulnerabilities in IBM WebSphere Application Server Liberty and OpenSSL such as execution of arbitrary commands on the system, obtaining sensitive information, and identity spoofing may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2022-2068 DESCRIPTION: OpenSSL could allow...

10CVSS8.5AI score0.96275EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/26 7:33 a.m.97 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Spectrum Control (CVE-2022-1292)

Summary A vulnerability in OpenSSL could allow an attacker to execute arbitrary commands on the system. This vulnerability may affect IBM Spectrum Control due to its use of OpenSSL in the Storage Resource Agent component and XIV storage probe. Vulnerability Details CVEID: CVE-2022-1292 DESCRIPTIO...

10CVSS2.6AI score0.83223EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/26 7:31 a.m.42 views

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to XStream, Apache Xerces2, Jackson, OpenSSL, and Java SE

Summary Vulnerabilities in XStream, Apache Xerces2, Jackson, OpenSSL, and Java SE such as execution of arbitrary code, denial of service, server-side request forgery, amd weaker than expected security may affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2021-4160 DESCRIPTION: OpenSSL...

8.8CVSS1.4AI score0.98124EPSS
Exploits17Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/24 7:9 p.m.30 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control and Tivoli Storage Productivity Center April 2016 CPU (CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Technology Edition that is shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in April...

4.3CVSS0.8AI score0.02795EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/23 10:7 p.m.36 views

Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control (CVE-2019-15606, CVE-2019-15604, CVE-2019-15605)

Summary Node.js is vulnerable to security bypass, denial of service and HTTP request smuggling. These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue whe...

9.8CVSS8.9AI score0.57132EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/23 10:7 p.m.19 views

Security Bulletin: Vulnerability in Apache Commons Codec affects IBM Spectrum Control (177835)

Summary Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. This vulnerability affects IBM Spectrum Control. Vulnerability Details Third Party Entry: 177835 DESCRIPTION: Apache Commons Codec information disclosure CVSS Ba...

1.4AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/23 10:7 p.m.58 views

Security Bulletin: OpenSSL vulnerabilities affect IBM Spectrum Control (CVE-2020-1967, CVE-2019-1551)

Summary OpenSSL could allow a remote attacker to obtain sensitive information and is vulnerable to a denial of service. These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2020-1967 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer...

7.5CVSS7.3AI score0.53336EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/23 10:7 p.m.24 views

Security Bulletin: Vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Control (CVE-2020-4329)

Summary WebSphere Application Server Liberty could allow a remote, authenticated attacker to obtain sensitive information caused by improper paramater checking which affects IBM Spectrum Control. Vulnerability Details CVEID: CVE-2020-4329 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8....

4.3CVSS4.5AI score0.0112EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/23 10:7 p.m.42 views

Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty affect BM Spectrum Control (CVE-2019-17573, CVE-2019-12406)

Summary IBM WebSphere Application Server Liberty is vulnerable to Apache CXF cross-site scripting and denial of service . These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2019-17573 DESCRIPTION: Apache CXF is vulnerable to cross-site scripting, caused by imprope...

6.5CVSS7.6AI score0.07055EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/23 10:7 p.m.55 views

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Spectrum Control (CVE-2020-2654, CVE-2020-2781, CVE-2020-2800)

Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control . These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU January 2020 and April 2020. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: ...

5.8CVSS6.4AI score0.04948EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/23 10:7 p.m.49 views

Security Bulletin: Vulnerabilities in Node.js affect IBM Spectrum Control (CVE-2020-8172, CVE-2020-8174, CVE-2020-11080)

Summary Node.js is vulnerable to a denial of service or could allow a remote attacker to bypass security restrictions. These vulnerabilities may affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2020-8172 DESCRIPTION: Node.js could allow a remote attacker to bypass security...

9.3CVSS9.5AI score0.07646EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/07 1:46 p.m.42 views

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to IBM Dojo (CVE-2021-234550), Java SE (CVE-2021-35578), IBM WebSphere Application Server - Liberty (CVE-2021-39031), Apache Log4j (CVE-2021-44832) and Gson (217225)

Summary IBM Spectrum Control has multiple vulnerabilities: arbitrary code execution due to Apache Log4j CVE-2021-44832 and Dojo CVE-2021-23450, denial of service due to Java SE CVE-2021-35578 and Gson 217225 and LDAP injection due to IBM Websphere Application Security - Liberty CVE-2021-39031. Th...

9.8CVSS9.6AI score0.97906EPSS
Exploits10Affected Software1
NCSC
NCSC
added 2022/03/04 12:0 a.m.8 views

Vulnerabilities fixed in IBM Spectrum Control

IBM has fixed vulnerabilities in several components of IBM Spectrum Control. These include vulnerabilities in third-party software parties such as Apache Log4j, Dojo, Java SE, Gson and Websphere Liberty. A malicious party could exploit the vulnerabilities to cause damage cause damage in the...

9.8CVSS9.7AI score0.97906EPSS
Exploits10
Rows per page
Query Builder