Vulnerabilities > IBM > Spectrum Protect FOR Virtual Environments > 8.1.6

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-19	CVE-2023-33832	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in IBM products IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. local high complexity ibm CWE-367	4.7
2021-04-26	CVE-2021-20532	Incorrect Default Permissions vulnerability in IBM products IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. local low complexity ibm CWE-276	7.2
2019-11-25	CVE-2018-2025	Incorrect Default Permissions vulnerability in IBM products IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. local low complexity ibm CWE-276	3.6
2019-04-08	CVE-2018-1882	Cleartext Storage of Sensitive Information vulnerability in IBM products In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be displayed in plain text in the IBM Spectrum Protect client trace file. local ibm CWE-312	1.9
2019-04-08	CVE-2018-1787	Incorrect Permission Assignment for Critical Resource vulnerability in IBM products IBM Spectrum Protect 7.1 and 8.1 is affected by a password exposure vulnerability caused by insecure file permissions. local low complexity ibm microsoft CWE-732	2.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.