Ibm Spectrum Protect Plus
49 CVEs affecting Ibm Spectrum Protect Plus. Latest disclosed: 2022-12-14. Critical: 6, High: 12.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-4854 | Critical | 9.8 | 2020-11-23 | IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound aut… |
CVE-2020-4222 | Critical | 9.8 | 2020-02-24 | IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, a… |
CVE-2020-4213 | Critical | 9.8 | 2020-02-24 | IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, a… |
CVE-2020-4212 | Critical | 9.8 | 2020-02-24 | IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, a… |
CVE-2020-4211 | Critical | 9.8 | 2020-02-24 | IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, a… |
CVE-2020-4210 | Critical | 9.8 | 2020-02-24 | IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, a… |
CVE-2020-4242 | High | 8.8 | 2020-03-31 | IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system… |
CVE-2019-4357 | High | 8.2 | 2019-07-01 | When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle, DB2 or MongoDB databases, a redirected restore operation specifying a target… |
CVE-2020-4469 | High | 8.1 | 2020-06-15 | IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP comman… |
CVE-2020-4703 | High | 8.0 | 2020-09-15 | IBM Spectrum Protect Plus 10.1.0 through 10.1.6 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute a… |
CVE-2019-4383 | High | 7.9 | 2019-07-01 | When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle or MongoDB databases, a redirected restore operation may result in an escalat… |
CVE-2020-5023 | High | 7.5 | 2021-02-10 | IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote user to inject arbitrary data iwhich could cause the serivce to crash due to excess resour… |
CVE-2020-4216 | High | 7.5 | 2020-06-15 | IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound aut… |
CVE-2020-4241 | High | 7.5 | 2020-03-31 | IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system… |
CVE-2020-4214 | High | 7.5 | 2020-03-31 | IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to arbitrary delete a directory caused by improper validation of user-supplied in… |
CVE-2020-4208 | High | 7.5 | 2020-03-31 | IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound aut… |
CVE-2020-4206 | High | 7.5 | 2020-03-31 | IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to execute arbitrary commands on the system in the context of root user, caused b… |
CVE-2020-4470 | High | 7.1 | 2020-06-15 | IBM Spectrum Protect Plus 10.1.0 through 10.1.5 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute a… |
CVE-2020-4497 | Medium | 6.8 | 2022-12-14 | IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum… |
CVE-2022-22396 | Medium | 6.8 | 2022-06-06 | Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remo… |