Spectrum Protect Plus@10.1.7 Security Vulnerabilities and Issues — Spectrum Protect Plus@10.1.7 CVE List

Lucene search

IbmSpectrum Protect Plus10.1.7

5 matches found

CVE•added 2022/06/30 5:15 p.m.•56 views

CVE-2022-22472

IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session info...

8.8CVSS8.4AI score0.00062EPSS

CVE•added 2021/02/10 5:15 p.m.•44 views

CVE-2020-5023

IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote user to inject arbitrary data iwhich could cause the serivce to crash due to excess resource consumption. IBM X-Force ID: 193659.

7.5CVSS7.3AI score0.00729EPSS

CVE•added 2021/04/26 5:15 p.m.•33 views

CVE-2021-20536

IBM Spectrum Protect Plus File Systems Agent 10.1.6 and 10.1.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 198836.

6.2CVSS5.8AI score0.00044EPSS

CVE•added 2021/04/26 5:15 p.m.•32 views

CVE-2021-20432

IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 196344.

6.5CVSS6.1AI score0.00158EPSS

CVE•added 2021/04/26 5:15 p.m.•32 views

CVE-2021-29694

IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 200258.

7.5CVSS7.2AI score0.00112EPSS