Vulnerabilities > IBM > Spectrum Copy Data Management > 2.2.13

DATE CVE VULNERABILITY TITLE RISK
2021-12-13 CVE-2021-39052 Unspecified vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the Spring Boot console without authorization.
network
low complexity
ibm
7.5
7.5
2021-12-13 CVE-2021-39064 Improper Authentication vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13
IBM Spectrum Copy Data Management 2.2.13 and earlier has weak authentication and password rules and incorrectly handles default credentials for the Spectrum Copy Data Management Admin console.
network
low complexity
ibm CWE-287
7.5
7.5
2021-12-13 CVE-2021-39065 OS Command Injection vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the Spectrum Copy Data Management Admin Console login and uploadcertificate function .
network
low complexity
ibm CWE-78
critical
 10.0
10