2 matches found
CVE-2021-39063
CVE-2021-39063 affects IBM Spectrum Protect Plus 10.1.0.0–10.1.8.x. A misconfiguration in Cross-Origin Resource Sharing (CORS) headers can allow an attacker to perform privileged actions and disclose sensitive information. The incident is corroborated by multiple sources (NVD entry for CVSS 3.1 b...
Security Bulletin: IBM Spectrum Protect Plus is vulnerable to SSRF, MITM, and CORS attacks
Summary IBM Spectrum Protect Plus is vulnerable to Server-Side Request Forgery SSRF, Man-in-the-Middle MITM attack, and Cross-Origin Resource Sharing CORS attack. Vulnerability Details CVEID: CVE-2021-39057 DESCRIPTION: IBM Spectrum Protect Plus is vulnerable to server-side request forgery SSRF...