Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
IbmSpectrum Copy Data Management2.2.0.0

9 matches found

CVE
CVEadded 2022/03/14 5:15 p.m.92 views

CVE-2022-22354

IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 do not limit the length of a connection which could allow for a Slowloris HTTP denial of service attack to take place. This can cause the Admin Console to become unresponsive. IBM X-Fo...

7.5CVSS7.2AI score0.0018EPSS
CVE
CVEadded 2022/06/10 4:15 p.m.80 views

CVE-2022-31769

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 could allow a remote attacker to view product configuration information stored in PostgreSQL, which could be used in further attacks against the system. IBM X-Force ID: 228219.

5.3CVSS4.8AI score0.00124EPSS
CVE
CVEadded 2022/03/14 5:15 p.m.78 views

CVE-2021-39055

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-F...

5.4CVSS5.3AI score0.00215EPSS
CVE
CVEadded 2022/03/14 5:15 p.m.78 views

CVE-2022-22344

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or se...

6.1CVSS6.2AI score0.00124EPSS
CVE
CVEadded 2022/03/14 5:15 p.m.74 views

CVE-2021-39051

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to server-side request forgery, caused by improper input of application server registration function. A remote attacker could exploit this vulnerability using the host address and port fields of the application server registra...

6.5CVSS6.5AI score0.00117EPSS
CVE
CVEadded 2022/06/10 4:15 p.m.64 views

CVE-2022-30611

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using some fields of the form in the portal UI to inject malicious script into a Web page which ...

5.4CVSS5.3AI score0.001EPSS
CVE
CVEadded 2022/06/10 4:15 p.m.61 views

CVE-2022-22426

IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Co...

3.3CVSS3.9AI score0.00038EPSS
CVE
CVEadded 2022/06/10 4:15 p.m.55 views

CVE-2022-30610

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to reverse tabnabbing where it could allow a page linked to from within IBM Spectrum Copy Data Management to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once ...

4.5CVSS4.5AI score0.00104EPSS
CVE
CVEadded 2022/06/10 4:15 p.m.54 views

CVE-2022-22479

IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 225887.

8.8CVSS8.4AI score0.00089EPSS