Spectrum Protect Security Vulnerabilities and Issues — Spectrum Protect CVE List

Lucene search

IbmSpectrum Protect

11 matches found

CVE•added 2019/11/25 5:15 p.m.•118 views

CVE-2018-2025

IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. IBM X-Force ID: 155551.

5.1CVSS4.8AI score0.00084EPSS

CVE•added 2019/07/02 3:15 p.m.•93 views

CVE-2019-4087

IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifically crafted communication exchanges. By sending an overly long request, a remote attacker could overf...

10CVSS9.5AI score0.08408EPSS

CVE•added 2019/07/02 3:15 p.m.•77 views

CVE-2019-4129

IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to obtain sensitive information, caused by an error message containing a stack trace. By creating an error with a stack trace, an attacker could exploit this vulnerability to potentially obtain details on the Operation...

5.3CVSS5AI score0.00371EPSS

CVE•added 2019/07/02 3:15 p.m.•76 views

CVE-2019-4140

IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) could allow a local user to replace existing databases by restoring old data. IBM X-Force ID: 158336.

7.1CVSS6.5AI score0.00045EPSS

CVE•added 2019/07/02 3:15 p.m.•74 views

CVE-2019-4088

IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could allow a local attacker to gain elevated privileges on the system, caused by loading a specially crafted library loaded by the dsmqsan module. By setting up such a library, a local attacker could exploit this vulnerability to gain roo...

7.8CVSS8AI score0.0011EPSS

CVE•added 2019/07/22 2:15 p.m.•63 views

CVE-2019-4236

A IBM Spectrum Protect 7.l client backup or archive operation running for an HP-UX VxFS object is silently skipping Access Control List (ACL) entries from backup or archive if there are more than twelve ACL entries associated with the object in total. As a result, it could allow a local attacker to...

5.1CVSS4.5AI score0.00042EPSS

CVE•added 2019/07/22 2:15 p.m.•55 views

CVE-2019-4267

The IBM Spectrum Protect 7.1 and 8.1 Backup-Archive Client is vulnerable to a buffer overflow. This could allow execution of arbitrary code on the local system or the application to crash. IBM X-Force ID: 160200.

7.8CVSS7.6AI score0.00133EPSS

CVE•added 2019/04/08 3:29 p.m.•43 views

CVE-2018-1853

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch ...

6.1CVSS6.1AI score0.00126EPSS

CVE•added 2019/04/08 3:29 p.m.•40 views

CVE-2018-1787

IBM Spectrum Protect 7.1 and 8.1 is affected by a password exposure vulnerability caused by insecure file permissions. IBM X-Force ID: 148872.

5.5CVSS5.4AI score0.00033EPSS

CVE•added 2019/04/08 3:29 p.m.•36 views

CVE-2018-1882

In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be displayed in plain text in the IBM Spectrum Protect client trace file. IBM X-Force ID: 151968.

4.7CVSS4.6AI score0.0003EPSS

CVE•added 2019/04/02 2:29 p.m.•29 views

CVE-2019-4093

IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and directories using IBM Spectrum Prootect Client Web User Interface on Windows that they should not have access to due to incorrect file permissions. IBM X-Force ID: 157981.

5.1CVSS4.5AI score0.00058EPSS