Vulnerabilities > IBM > Spectrum Copy Data Management > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-08-26 CVE-2021-3669 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux ibm debian fedoraproject redhat CWE-770
5.5
2022-06-10 CVE-2022-30610 Improper Privilege Management vulnerability in IBM Spectrum Copy Data Management
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to reverse tabnabbing where it could allow a page linked to from within IBM Spectrum Copy Data Management to rewrite it.
network
low complexity
ibm CWE-269
4.5
2022-06-10 CVE-2022-30611 Cross-site Scripting vulnerability in IBM Spectrum Copy Data Management
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input.
network
low complexity
ibm CWE-79
5.4
2022-06-10 CVE-2022-31769 Unspecified vulnerability in IBM Spectrum Copy Data Management
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 could allow a remote attacker to view product configuration information stored in PostgreSQL, which could be used in further attacks against the system.
network
low complexity
ibm
5.3
2022-03-14 CVE-2021-39051 Server-Side Request Forgery (SSRF) vulnerability in IBM Spectrum Copy Data Management
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to server-side request forgery, caused by improper input of application server registration function.
network
low complexity
ibm CWE-918
6.5
2022-03-14 CVE-2021-39055 Cross-site Scripting vulnerability in IBM Spectrum Copy Data Management
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2022-03-14 CVE-2022-22344 Injection vulnerability in IBM Spectrum Copy Data Management
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers.
network
low complexity
ibm CWE-74
6.1
2021-12-13 CVE-2021-39054 Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Spectrum Copy Data Management 2.2.0.0/2.2.13
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-1021
5.4