EUVD-2026-38277

IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hardcoded credential in the FlashCopy Manager FCM authentication mechanism. The application contains a...

Security Bulletin: Hardcoded credential in the IBM Storage Protect Snapshot For Windows leads to unauthorized access to system

Summary IBM Storage Protect Snapshot For Windows is affected by allowing a remote unauthenticated attacker to bypass authentication and gain SYSTEM-level access due to a hardcoded credential. Vulnerability Details CVEID:CVE-2026-12628 DESCRIPTION: IBM Storage Protect could allow a remote attacker...

EUVD-2013-6516

Malware in sbrugna...

Security Bulletin: Possibility for Accidental Disclosure of Microsoft Exchange Mailboxes to Unauthorized Users (CVE-2013-3976)

Abstract Due to a problem in the Data Protection for Exchange and FlashCopy Manager for Exchange components, once a mailbox is restored into a .PST file, each individual .PST file will be created as expected, but the contents of that .PST file may not be the contents associated with that mailbox...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Snapshot on AIX and Linux (CVE-2018-1890, CVE-2018-12547)

Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in January 2019. IBM® Runtime Environment Java™ is used by IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager on AIX and Linux. Vulnerability Details CVEID:...

Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Snapshot for VMware (CVE-2014-7810, CVE-2018-8039)

Summary IBM WebSphere Application Server Liberty is affected by Apache Tomcat and CXF vulnerabilities that affect IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for VMware. Vulnerability Details CVEID: CVE-2014-7810 DESCRIPTION: Apache Tomcat could allow a remote attacker...

Security Bulletin: A security vulnerability has been identified in the IBM Spectrum Protect Client that affects multiple IBM Spectrum Protect products

Summary The IBM Spectrum Protect formerly Tivoli Storage Manager Client is used as a component of IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for Windows and IBM Spectrum Protect formerly Tivoli Storage Manager HSM for Windows. Information about a security vulnerabilit...

Security Bulletin: Security vulnerabilities have been identified in the IBM Spectrum Protect Backup-Archive Client that affect multiple IBM Spectrum Protect products

Summary The IBM Spectrum Protect formerly Tivoli Storage Manager Backup-Archive Client is used as a component of IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for Windows and IBM Spectrum Protect formerly Tivoli Storage Manager HSM for Windows. Information about security...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Snapshot on AIX (CVE-2019-4473, CVE-2019-11771)

Summary Multiple vulnerabilities in IBM Runtime Environment Java were disclosed as part of the IBM Java SDK updates in July 2019. IBM Runtime Environment Java is used by IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager on AIX. Vulnerability Details CVEID: CVE-2019-4473...

Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware (CVE-2017-10356)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for VMware. These issues were disclosed as part of the IBM Java SDK updates in October 2017. Vulnerability Details CVEID: CVE-2017-10356...

Security Bulletin: Vulnerability in OpenSSL affects FlashCopy Manager shipped with IBM® Db2® LUW (CVE-2017-3738, CVE-2017-3737).

Summary Security vulnerabilities have been identified in OpenSSL that affect IBM Tivoli Storage FlashCopy Manager FCM shipped as a component of IBM Db2. Vulnerability Details CVEID: CVE-2017-3738 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an...

Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect FlashCopy Manager (IBM Spectrum Protect Snapshot) for VMware (CVE-2016-5597)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by FlashCopy Manager IBM Spectrum Protect Snapshot for VMware. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details CVEID: CVE-2016-5597 DESCRIPTION: An unspecified...

Security Bulletin: Vulnerabilities in OpenSSL affect Tivoli Storage FlashCopy Manager VMware (CVE-2016-6303, CVE-2016-2182, CVE-2016-2177, CVE-2016-2183, CVE-2016-6309, CVE-2016-7052, CVE-2016-2178, CVE-2016-6306)

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL used by Tivoli Storage FlashCopy Manager IBM Spectrum Protect Snapshot VMware has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6303 DESCRIPTION: OpenSSL is vulnerabl...

Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect Tivoli Storage Manager (IBM Spectrum Protect) for Virtual Environments: Data Protection for VMware and FlashCopy Manager (IBM Spectrum Protect Snapshot) for VMware

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by Tivoli Storage Manager for Virtual Environments IBM Spectrum Protect for Virtual Environments: Data Protection for VMware and FlashCopy Manager IBM Spectrum Protect Snapshot for VMware. These issues were disclose...

Security Bulletin: Vulnerabilities in OpenSSL affect Tivoli Storage FlashCopy Manager Unix (CVE-2016-6303, CVE-2016-2182, CVE-2016-2177, CVE-2016-2183, CVE-2016-6309, CVE-2016-7052, CVE-2016-2178, CVE-2016-6306)

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL used by Tivoli Storage FlashCopy Manager IBM Spectrum Protect Snapshot Unix has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6303 DESCRIPTION: OpenSSL is vulnerable ...

Security Bulletin: Cross-site request forgery vulnerability in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware and IBM Tivoli Storage FlashCopy Manager for VMware (CVE-2016-6033)

Summary IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware IBM Spectrum Protect™ for Virtual Environments and IBM Tivoli Storage FlashCopy Manager for VMware IBM Spectrum Protect™ Snapshot is vulnerable to cross-site request forgery. An attacker could execute maliciou...

Security Bulletin: A security vulnerability has been identified in IBM Tivoli Storage Manager that affects multiple IBM Tivoli Storage products (CVE-2016-0371)

Summary The IBM Tivoli Storage Manger Client/API is used as a component of IBM Tivoli Storage FlashCopy Manager for Windows, IBM Tivoli Storage Manager HSM for Windows, IBM Tivoli Storage Manager for Databases, IBM Tivoli Storage Manager for Mail, and IBM Tivoli Storage Manager for Virtual...

Security Bulletin: SQL Server Password Disclosure via IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server and IBM Tivoli Storage FlashCopy Manager for Microsoft SQL Server (CVE-2016-3059)

Summary When using IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server or IBM Tivoli Storage FlashCopy Manager for Microsoft SQL Server, the Microsoft SQL Server's user ID and password is presented in plain text via task completion status details available within th...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware and IBM Tivoli Storage FlashCopy Manager for VMware (CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition that is used by IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware IBM Spectrum Protect™ for Virtual Environments and IBM Tivoli Storage FlashCopy Manager for VMware IBM...

Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage FlashCopy Manager on Windows (CVE-2016-2542)

Summary InstallShield generates installation executables which are vulnerable to a DLL-planting that affects IBM Tivoli Storage FlashCopy Manager on Windows IBM Spectrum Protect Snapshot. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera InstallShield could allow a local attacker to...