Vulnerabilities > IBM > Spectrum Protect FOR Space Management > High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-26	CVE-2021-29672	Out-of-bounds Write vulnerability in IBM products IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. local low complexity ibm CWE-787	7.8
2020-06-15	CVE-2020-4494	Improper Authentication vulnerability in IBM products IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication due to improper session validation which can result in access to unauthorized resources. network low complexity ibm CWE-287	7.5
2018-04-04	CVE-2018-1447	Use of Password Hash With Insufficient Computational Effort vulnerability in IBM products The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6) CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of passwords. network high complexity ibm CWE-916	8.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.