Vulnerabilities > IBM > Spectrum Protect FOR Space Management > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-07-19 CVE-2023-33832 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in IBM products
IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality.
local
high complexity
ibm CWE-367
4.7
4.7
2021-12-13 CVE-2021-39048 Out-of-bounds Write vulnerability in IBM products
IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking.
local
low complexity
ibm CWE-787
5.5
5.5
2021-04-26 CVE-2021-20546 Out-of-bounds Write vulnerability in IBM products
IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking.
local
low complexity
ibm CWE-787
5.5
5.5
2020-06-15 CVE-2020-4406 Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM products
IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-1021
5.4
5.4