1258 matches found
CVE-2025-3319 IBM Spectrum Protect Server authentication bypass
IBM Spectrum Protect Server 8.1 through 8.1.26 could allow attacker to bypass authentication due to improper session authentication which can result in access to unauthorized resources...
CVE-2025-3319 IBM Spectrum Protect Server authentication bypass
IBM Spectrum Protect Server 8.1 through 8.1.26 could allow attacker to bypass authentication due to improper session authentication which can result in access to unauthorized resources...
PT-2025-26329 · Ibm · Ibm Spectrum Protect Server
Name of the Vulnerable Software and Affected Versions: IBM Spectrum Protect Server versions 8.1 through 8.1.26 Description: The issue is related to improper session authentication, which can allow an attacker to bypass authentication. This can result in access to unauthorized resources...
IBM Spectrum Protect Server 访问控制错误漏洞
IBM Spectrum Protect Server is a spectrum protection system from International Business Machines IBM, Inc. provides comprehensive data resiliency for physical file servers, virtual environments, and a wide range of applications. An access control error vulnerability exists in IBM Spectrum Protect...
CVE-2023-28956
IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls...
CVE-2023-27863
IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325...
CVE-2023-33832
IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012...
CVE-2020-4497
IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. An attacker could obtain information using main in the middle techniques. IBM X-Force ID: 182106...
Security Bulletin: Vulnerabilities in Linux Kernel affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, the elevation of privileges, remote execution of arbitrary code and bypassing security restrictions, as described by the...
Security Bulletin: IBM Spectrum Protect Plus vulnerability discloses sensitive information due to unencrypted data in transit (CVE-2020-4497)
Summary IBM Spectrum Protect Plus does not encrypt data transfer between vSnap servers and application agents. This could allow an attacker to view senstive information in transit. Vulnerability Details CVEID:CVE-2020-4497 DESCRIPTION: IBM Spectrum Protect Plus discloses sensitive information due...
Security Bulletin: Multiple vulnerabilities in IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift
Summary IBM Spectrum Protect Plus Container backup and restore for OpenShift can be affected by vulnerabilities in Python, OpenSSH, Golang Go, Redis, urllib3, dnspython and gunicorn. Vulnerabilities include denial of service, cross-site scripting, gain elevated privileges on the system, allow a...
Security Bulletin: Vulnerabilities in Linux Kernel, MongoDB, Python, Samba, OpenSSL and cURL libcurl affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in libcurl, MongoDB, Python, Samba, OpenSSL and Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, the elevation of privileges, remote execution of arbitrary code and bypassing...
Security Bulletin: Vulnerabilities in Linux Kernel and Golang Go can affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in Golang Go and Linux kernel. Vulnerabilities include obtaining sensitive information, gaining elevated privileges, executing arbitrary commands, denial of service, and bypassing security restrictions, as described by the CVEs ...
Security Bulletin: Vulnerabilities in Python, OpenSSH, Golang Go, Minio and Redis may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift
Summary IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift can be affected by vulnerabilities in Python, OpenSSH, Golang Go, Minio and Redis. Vulnerabilities include denial of service, gain elevated privileges on the system, allow a remote attacker to execute...
Security Bulletin: Vulnerabilities in Pypa Setuptools, Golang Go, OpenSSH, Minio and Certifi may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift
Summary IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift can be affected by vulnerabilities in Pypa Setuptools, Golang Go, OpenSSH, Minio and Certifi. Vulnerabilities include denial of service, bypass security restrictions, HTTP request smuggling, spyware,...
Security Bulletin: Directory traversal attack in IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore (CVE-2022-40608)
Summary The IBM Spectrum Protect Plus Microsoft File Systems restore operation is vulnerable to a directory traversal attack which can result in gaining access to unauthorized files . Vulnerability Details CVEID:CVE-2022-40608 DESCRIPTION: IBM Spectrum Protect Plus Microsoft File Systems restore...
Security Bulletin: Insecure handling of TLS certificates by IBM Spectrum Protect Plus (CVE-2022-40234)
Summary IBM Spectrum Protect Plus incorrectly handles TLS certificates which can result in an attacker obtaining private key information for the uploaded certificate. Vulnerability Details CVEID:CVE-2022-40234 DESCRIPTION: Versions of IBM Spectrum Protect Plus prior to 10.1.12 excluding 10.1.12...
Security Bulletin: Vulnerabilities in Node.js, Golang Go, HTTP/2, NGINX, OpenSSH, Linux kernel might affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in Node.js, Golang Go, HTTP/2, NGINX, OpenSSH and Linux. Vulnerabilities include, causing a denial-of-service condition, the elevation of privileges, remote execution of arbitrary code, HTTP header injection, HTML injection,...
Security Bulletin: Vulnerabilities in Node.js, AngularJS, Golang Go, libcURL, PostgreSQL, Linux kernel might affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in Node.js, AngularJS, Golang Go, libcURL, PostgreSQL, and Linux. Vulnerabilities include obtaining sensitive information, causing denial of service condition, heap-based buffer overflow, bypassing of security restrictions,...
Security Bulletin: Vulnerability in Linux kernel may affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerability in Linux Kernel. Vulnerability includes elevation of privileges, as described by the CVE in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2023-51043 DESCRIPTION: Linux Kernel could allow a local authenticate...