Spectrum Protect Security Vulnerabilities and Issues — Spectrum Protect CVE List

Lucene search

IbmSpectrum Protect

9 matches found

CVE•added 2019/11/25 5:15 p.m.•118 views

CVE-2018-2025

IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. IBM X-Force ID: 155551.

5.1CVSS4.8AI score0.00084EPSS

CVE•added 2019/07/02 3:15 p.m.•77 views

CVE-2019-4129

IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to obtain sensitive information, caused by an error message containing a stack trace. By creating an error with a stack trace, an attacker could exploit this vulnerability to potentially obtain details on the Operation...

5.3CVSS5AI score0.00371EPSS

CVE•added 2022/05/17 4:15 p.m.•68 views

CVE-2022-22484

IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vuln...

5.5CVSS5.2AI score0.00019EPSS

CVE•added 2019/07/22 2:15 p.m.•63 views

CVE-2019-4236

A IBM Spectrum Protect 7.l client backup or archive operation running for an HP-UX VxFS object is silently skipping Access Control List (ACL) entries from backup or archive if there are more than twelve ACL entries associated with the object in total. As a result, it could allow a local attacker to...

5.1CVSS4.5AI score0.00042EPSS

CVE•added 2021/01/08 7:15 p.m.•51 views

CVE-2020-5017

IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to information beyond their intended role and permissions. IBM X-Force ID: 193653.

5.5CVSS5.6AI score0.00033EPSS

CVE•added 2017/10/05 5:29 p.m.•46 views

CVE-2017-1301

IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM Spectrum Protect Backup-archive Client creates temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system...

5.5CVSS5.3AI score0.00103EPSS

CVE•added 2017/06/07 5:29 p.m.•43 views

CVE-2016-8939

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) clients/agents store password information in the Windows Registry in a manner which can be compromised. IBM X-Force ID: 118790.

5.5CVSS5.2AI score0.00074EPSS

CVE•added 2019/04/08 3:29 p.m.•40 views

CVE-2018-1787

IBM Spectrum Protect 7.1 and 8.1 is affected by a password exposure vulnerability caused by insecure file permissions. IBM X-Force ID: 148872.

5.5CVSS5.4AI score0.00033EPSS

CVE•added 2019/04/02 2:29 p.m.•29 views

CVE-2019-4093

IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and directories using IBM Spectrum Prootect Client Web User Interface on Windows that they should not have access to due to incorrect file permissions. IBM X-Force ID: 157981.

5.1CVSS4.5AI score0.00058EPSS