EUVD-2016-6861

Malware in sbrugna...

CVE-2023-28956

IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls...

CVE-2023-35897

IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246...

Code injection

IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246...

CVE-2023-35897

IBM Storage Protect Backup-Archive Client and IBM Storage Protect for Virtual Environments (Data Protection for VMware/Hyper-V) versions 8.1.0.0–8.1.19.0 are affected by a DLL hijacking flaw that could allow a local user to execute arbitrary code via a specially crafted file. The issue impacts Wi...

CVE-2023-35897 IBM Spectrum Protect code execution

IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246...

CVE-2023-35897 IBM Spectrum Protect code execution

IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246...

CVE-2023-33832

IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012...

Denial of service

IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012...

CVE-2023-33832

The CVE-2023-33832 issue affects IBM Storage Protect family: Storage Protect Client, Storage Protect for Virtual Environments, and Storage Protect for Space Management (versions 8.1.0.0–8.1.17.0). Root cause is improper time-of-check to time-of-use, enabling a local user to cause a denial of serv...

CVE-2023-33832 IBM Storage Protect denial of service

IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012...

CVE-2023-28956

IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls...

Improper access control

IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls. IBM X-Force ID: 251767...

CVE-2023-28956

IBM Spectrum Protect Backup-Archive Client (8.1.0.0–8.1.17.2) may allow a local user to escalate privileges due to improper access controls on Windows workstation OSes (Windows 8.1/10/11 per IBM bulletin). The issue is a local-privilege-escalation vulnerability arising from insufficient access co...

CVE-2023-28956 IBM Spectrum Protect Backup-Archive Client privilege escalation

IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls...

Vulnerabilities fixed in IBM Spectrum Protect

IBM fixed vulnerabilities in Spectrum Protect Plus Microsoft Filesystem Backup and Restore. A malicious party could exploit the vulnerabilities to cause a denial-of-service, bypass a security measure, or gain access to sensitive data. IBM has released updates to fix the vulnerabilities in Spectru...

Security Bulletin: Vulnerability in Newtonsoft.Json may affect IBM Spectrum Protect Plus Exchange agent

Summary The IBM Spectrum Protect Plus Exchange agent may be affected by a denial of service vulnerability in Newtonsoft.Json. Vulnerability Details IBM X-Force ID: 234366 DESCRIPTION: Newtonsoft.Json is vulnerable to a denial of service, caused by improper handling of StackOverFlow exception SOE...

Security Bulletin: Vulnerability in IBM WebSphere Application Server Liberty may affect IBM Spectrum Protect Operations Center and Client Management Service (CVE-2022-22476))

Summary An identity spoofing vulnerability in IBM WebSphere Application Server Liberty may affect IBM Spectrum Protect Operations Center and IBM Spectrum Protect Client Management Service. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3...

IBM Spectrum Protect Operations Center信息泄露漏洞（CNVD-2022-60414）

IBM Spectrum Protect Operations Center is a software from IBM USA that provides visual control for the IBM Spectrum Protect environment. IBM Spectrum Protect Operations Center versions 8.1.0.000 through 8.1.14 versions contain an information disclosure vulnerability that can be exploited by an...

IBM Spectrum Protect Server Information Disclosure Vulnerability (CNVD-2022-60413)

IBM Spectrum Protect is a suite of data protection platforms from IBM Corporation in the United States. The platform provides enterprises with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. IBM Spectrum Protect...