176 matches found
Security Bulletin: IBM Spectrum Control is vulnerable to weakness related to dom4j
Summary Vulnerability in dom4j allows remote attacker to execute arbitrary code on the system may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation...
Code injection
IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982...
CVE-2022-38391 IBM Spectrum Control information disclosure
IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982...
IBM Spectrum Control 加密问题漏洞
IBM Spectrum Control formerly known as Tivoli Storage Productivity Center is a suite of storage resource management software from International Business Machines IBM. The software provides monitoring, automation and analysis for multiple storage systems. IBM Spectrum Control version 5.4 suffers...
Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Spectrum Control
Summary Vulnerabilities in IBM Java SDK could allow an unauthenticated attacker to cause a denial of service may impact the availability of Spectrum Control Product. Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by a flaw in the...
Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Node [CVE-2022-39353]
Summary Vulnerabilities in xmldom module may compromise the authentication mechanism of the Spectrum Control Product. CVE-2022-39353 This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2022-39353 DESCRIPTION: Node.js xmldom module could allow a remote attacker to bypass securit...
Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related Java SE and Node
Summary Vulnerabilities in Node and Java SE such as HTTP request smuggling, execution of arbitrary code, gain elevated privileges on the system and unauthorized operations may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2022-32214 DESCRIPTION: Node.js is vulnerable to HTTP reques...
Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to IBM WebSphere Application Server Liberty and OpenSSL (CVE-2022-2068, CVE-2022-2097, CVE-2022-22475)
Summary Vulnerabilities in IBM WebSphere Application Server Liberty and OpenSSL such as execution of arbitrary commands on the system, obtaining sensitive information, and identity spoofing may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2022-2068 DESCRIPTION: OpenSSL could allow...
Security Bulletin: Vulnerability in OpenSSL affects IBM Spectrum Control (CVE-2022-1292)
Summary A vulnerability in OpenSSL could allow an attacker to execute arbitrary commands on the system. This vulnerability may affect IBM Spectrum Control due to its use of OpenSSL in the Storage Resource Agent component and XIV storage probe. Vulnerability Details CVEID: CVE-2022-1292 DESCRIPTIO...
Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to XStream, Apache Xerces2, Jackson, OpenSSL, and Java SE
Summary Vulnerabilities in XStream, Apache Xerces2, Jackson, OpenSSL, and Java SE such as execution of arbitrary code, denial of service, server-side request forgery, amd weaker than expected security may affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2021-4160 DESCRIPTION: OpenSSL...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control and Tivoli Storage Productivity Center April 2016 CPU (CVE-2016-3426)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Technology Edition that is shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in April...
Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control (CVE-2019-15606, CVE-2019-15604, CVE-2019-15605)
Summary Node.js is vulnerable to security bypass, denial of service and HTTP request smuggling. These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue whe...
Security Bulletin: Vulnerability in Apache Commons Codec affects IBM Spectrum Control (177835)
Summary Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. This vulnerability affects IBM Spectrum Control. Vulnerability Details Third Party Entry: 177835 DESCRIPTION: Apache Commons Codec information disclosure CVSS Ba...
Security Bulletin: OpenSSL vulnerabilities affect IBM Spectrum Control (CVE-2020-1967, CVE-2019-1551)
Summary OpenSSL could allow a remote attacker to obtain sensitive information and is vulnerable to a denial of service. These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2020-1967 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer...
Security Bulletin: Vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Control (CVE-2020-4329)
Summary WebSphere Application Server Liberty could allow a remote, authenticated attacker to obtain sensitive information caused by improper paramater checking which affects IBM Spectrum Control. Vulnerability Details CVEID: CVE-2020-4329 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8....
Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty affect BM Spectrum Control (CVE-2019-17573, CVE-2019-12406)
Summary IBM WebSphere Application Server Liberty is vulnerable to Apache CXF cross-site scripting and denial of service . These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2019-17573 DESCRIPTION: Apache CXF is vulnerable to cross-site scripting, caused by imprope...
Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Spectrum Control (CVE-2020-2654, CVE-2020-2781, CVE-2020-2800)
Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control . These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU January 2020 and April 2020. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: ...
Security Bulletin: Vulnerabilities in Node.js affect IBM Spectrum Control (CVE-2020-8172, CVE-2020-8174, CVE-2020-11080)
Summary Node.js is vulnerable to a denial of service or could allow a remote attacker to bypass security restrictions. These vulnerabilities may affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2020-8172 DESCRIPTION: Node.js could allow a remote attacker to bypass security...
Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to IBM Dojo (CVE-2021-234550), Java SE (CVE-2021-35578), IBM WebSphere Application Server - Liberty (CVE-2021-39031), Apache Log4j (CVE-2021-44832) and Gson (217225)
Summary IBM Spectrum Control has multiple vulnerabilities: arbitrary code execution due to Apache Log4j CVE-2021-44832 and Dojo CVE-2021-23450, denial of service due to Java SE CVE-2021-35578 and Gson 217225 and LDAP injection due to IBM Websphere Application Security - Liberty CVE-2021-39031. Th...
Vulnerabilities fixed in IBM Spectrum Control
IBM has fixed vulnerabilities in several components of IBM Spectrum Control. These include vulnerabilities in third-party software parties such as Apache Log4j, Dojo, Java SE, Gson and Websphere Liberty. A malicious party could exploit the vulnerabilities to cause damage cause damage in the...