Ibm Spectrum Copy Data Management
17 CVEs affecting Ibm Spectrum Copy Data Management. Latest disclosed: 2023-08-27. Critical: 2, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-39065 | Critical | 9.8 | 2021-12-13 | IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation o… |
CVE-2021-39052 | Critical | 9.8 | 2021-12-13 | IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the Spring Boot console without authorization. IBM X-Force ID: 214… |
CVE-2022-22479 | High | 8.8 | 2022-06-10 | IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and un… |
CVE-2022-22354 | High | 7.5 | 2022-03-14 | IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 do not limit the length of a connection whic… |
CVE-2021-39064 | High | 7.5 | 2021-12-13 | IBM Spectrum Copy Data Management 2.2.13 and earlier has weak authentication and password rules and incorrectly handles default credentials for the Spectrum Co… |
CVE-2021-39058 | High | 7.5 | 2021-12-13 | IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitiv… |
CVE-2021-39053 | High | 7.5 | 2021-12-13 | IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to obtain sensitive information, caused by the improper handling of requests… |
CVE-2021-38947 | High | 7.5 | 2021-12-13 | IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitiv… |
CVE-2021-39051 | Medium | 6.5 | 2022-03-14 | IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to server-side request forgery, caused by improper input of application server registr… |
CVE-2022-22344 | Medium | 6.1 | 2022-03-14 | IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers… |
CVE-2023-38730 | Medium | 5.9 | 2023-08-27 | IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sen… |
CVE-2022-30611 | Medium | 5.4 | 2022-06-10 | IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remot… |
CVE-2021-39055 | Medium | 5.4 | 2022-03-14 | IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript… |
CVE-2021-39054 | Medium | 5.4 | 2021-12-13 | IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit… |
CVE-2022-31769 | Medium | 5.3 | 2022-06-10 | IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 could allow a remote attacker to view product configuration information stored in PostgreSQL, which… |
CVE-2022-30610 | Medium | 4.5 | 2022-06-10 | IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to reverse tabnabbing where it could allow a page linked to from within IBM Spectrum C… |
CVE-2022-22426 | Low | 3.3 | 2022-06-10 | IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of prop… |