Security Bulletin: IBM Spectrum Control is vulnerable to weakness related to pdfmake [CVE-2022-46161]

Summary Vulnerability in pdfmake allow remote attacker to execute arbitrary code on the system which could affect IBM Spectrum Control. CVE-2022-46161 IBM has addressed this vulnerability. Vulnerability Details CVEID:CVE-2022-46161 DESCRIPTION: Node.js pdfmake module could allow a remote attacker...

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Apache Camel

Summary Vulnerabilities in Apache Camel such as remote attacker executing arbitrary code, remote attacker obtaining sensitive information may affect IBM Spectrum Control. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2014-0002 DESCRIPTION: Apache Camel could allow a...

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Apache Groovy

Summary Vulnerabilities in Apache Groovy such as remote attacker executing arbitrary code on the system, allowing a local authenticated attacker to obtain sensitive information, may affect IBM Spectrum Control. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2015-3253...

Security Bulletin: IBM Spectrum Control is vulnerable to weakness related to dom4j

Summary Vulnerability in dom4j allows remote attacker to execute arbitrary code on the system may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation...

IBM Spectrum Control Weak Encryption Vulnerability

IBM Spectrum Control formerly known as Tivoli Storage Productivity Center is a suite of storage resource management software from International Business Machines IBM. The software provides monitoring, automation and analysis for multiple storage systems. IBM Spectrum Control version 5.4 suffers...

CVE-2022-38391

IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982...

CVE-2022-38391

IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982...

Code injection

IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982...

CVE-2022-38391 IBM Spectrum Control information disclosure

IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982...

CVE-2022-38391

CVE-2022-38391 affects IBM Spectrum Control 5.4, where the vulnerability stems from the use of weaker-than-expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Concrete details across sources confirm the affected product/version and the cryptogra...

CVE-2022-38391 IBM Spectrum Control information disclosure

IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982...

IBM Spectrum Control 加密问题漏洞

IBM Spectrum Control formerly known as Tivoli Storage Productivity Center is a suite of storage resource management software from International Business Machines IBM. The software provides monitoring, automation and analysis for multiple storage systems. IBM Spectrum Control version 5.4 suffers...

PT-2022-24403 · Ibm · Ibm Spectrum Control

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Control version 5.4 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Recommendations: For IBM Spectrum Control...

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Spectrum Control

Summary Vulnerabilities in IBM Java SDK could allow an unauthenticated attacker to cause a denial of service may impact the availability of Spectrum Control Product. Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by a flaw in the...

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Node [CVE-2022-39353]

Summary Vulnerabilities in xmldom module may compromise the authentication mechanism of the Spectrum Control Product. CVE-2022-39353 This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2022-39353 DESCRIPTION: Node.js xmldom module could allow a remote attacker to bypass securit...

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related Java SE and Node

Summary Vulnerabilities in Node and Java SE such as HTTP request smuggling, execution of arbitrary code, gain elevated privileges on the system and unauthorized operations may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2022-32214 DESCRIPTION: Node.js is vulnerable to HTTP reques...

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to IBM WebSphere Application Server Liberty and OpenSSL (CVE-2022-2068, CVE-2022-2097, CVE-2022-22475)

Summary Vulnerabilities in IBM WebSphere Application Server Liberty and OpenSSL such as execution of arbitrary commands on the system, obtaining sensitive information, and identity spoofing may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2022-2068 DESCRIPTION: OpenSSL could allow...

Security Bulletin: Vulnerability in OpenSSL affects IBM Spectrum Control (CVE-2022-1292)

Summary A vulnerability in OpenSSL could allow an attacker to execute arbitrary commands on the system. This vulnerability may affect IBM Spectrum Control due to its use of OpenSSL in the Storage Resource Agent component and XIV storage probe. Vulnerability Details CVEID: CVE-2022-1292 DESCRIPTIO...

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to XStream, Apache Xerces2, Jackson, OpenSSL, and Java SE

Summary Vulnerabilities in XStream, Apache Xerces2, Jackson, OpenSSL, and Java SE such as execution of arbitrary code, denial of service, server-side request forgery, amd weaker than expected security may affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2021-4160 DESCRIPTION: OpenSSL...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control and Tivoli Storage Productivity Center April 2016 CPU (CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Technology Edition that is shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in April...