Vulnerabilities > IBM > Spectrum Protect Backup Archive Client
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-22 | CVE-2023-28956 | Incorrect Privilege Assignment vulnerability in IBM Spectrum Protect Backup-Archive Client IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls. | 7.8 |
| 2021-12-13 | CVE-2021-39048 | Out-of-bounds Write vulnerability in IBM products IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. | 5.5 |
| 2021-04-26 | CVE-2021-20532 | Incorrect Default Permissions vulnerability in IBM products IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. | 7.8 |
| 2019-11-25 | CVE-2019-4406 | Unspecified vulnerability in IBM Spectrum Protect Backup-Archive Client IBM Spectrum Protect Backup-Archive Client 7.1 and 8.1 may be vulnerable to a denial of service attack due to a timing issue between client and server TCP/IP communications. | 4.4 |
| 2019-04-08 | CVE-2018-1882 | Cleartext Storage of Sensitive Information vulnerability in IBM products In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be displayed in plain text in the IBM Spectrum Protect client trace file. | 4.7 |
| 2019-04-08 | CVE-2018-1853 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Spectrum Protect Backup-Archive Client IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
| 2019-04-08 | CVE-2018-1787 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM products IBM Spectrum Protect 7.1 and 8.1 is affected by a password exposure vulnerability caused by insecure file permissions. | 5.5 |