Ibm Spectrum Protect
23 CVEs affecting Ibm Spectrum Protect. Latest disclosed: 2021-12-13. Critical: 3, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-4415 | Critical | 9.8 | 2020-04-23 | IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker… |
CVE-2019-4087 | Critical | 9.8 | 2019-07-02 | IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and… |
CVE-2016-8937 | Critical | 9.8 | 2017-10-05 | The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too m… |
CVE-2019-4088 | High | 7.4 | 2019-07-02 | IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could allow a local attacker to gain elevated privileges on the system, caused by loading a special… |
CVE-2019-4140 | Medium | 6.3 | 2019-07-02 | IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) could allow a local user to replace existing databases by restoring old data. IBM X-Force… |
CVE-2021-39048 | Medium | 6.2 | 2021-12-13 | IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this… |
CVE-2018-1550 | Medium | 6.2 | 2018-09-26 | IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users… |
CVE-2018-1853 | Medium | 6.1 | 2019-04-08 | IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim… |
CVE-2020-4559 | Medium | 5.9 | 2020-08-28 | IBM Spectrum Protect 7.1 and 8.1 could allow an attacker to cause a denial of service due ti improper validation of user-supplied input. IBM X-Force ID: 183613. |
CVE-2018-1545 | Medium | 5.9 | 2018-09-26 | IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly… |
CVE-2017-1301 | Medium | 5.5 | 2017-10-05 | IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM Spectrum Protect Backup-archive Client creates temporary files in… |
CVE-2016-8939 | Medium | 5.5 | 2017-06-07 | IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) clients/agents store password information in the Windows Registry in a manner which can be compro… |
CVE-2018-1786 | Medium | 5.3 | 2018-11-12 | IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage… |
CVE-2019-4236 | Medium | 5.1 | 2019-07-22 | A IBM Spectrum Protect 7.l client backup or archive operation running for an HP-UX VxFS object is silently skipping Access Control List (ACL) entries from back… |
CVE-2018-1787 | Medium | 5.1 | 2019-04-08 | IBM Spectrum Protect 7.1 and 8.1 is affected by a password exposure vulnerability caused by insecure file permissions. IBM X-Force ID: 148872. |
CVE-2019-4093 | Medium | 5.1 | 2019-04-02 | IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and directories using IBM Spectrum Prootect Client Web User Interfa… |
CVE-2018-1447 | Medium | 5.1 | 2018-04-04 | The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6) CMS KDB logic fails to salt the hash function resultin… |
CVE-2019-4267 | Medium | 4.9 | 2019-07-22 | The IBM Spectrum Protect 7.1 and 8.1 Backup-Archive Client is vulnerable to a buffer overflow. This could allow execution of arbitrary code on the local system… |
CVE-2018-1882 | Medium | 4.7 | 2019-04-08 | In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be displayed in plain text in the IBM Spectrum Protect client tr… |
CVE-2017-1339 | Medium | 4.4 | 2017-10-05 | IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption for the password. A database administrator may be able to decryp… |