Vulnerabilities > IBM > Spectrum Protect Operations Center > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-30 | CVE-2022-22494 | Unspecified vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. | 5.3 |
| 2021-12-13 | CVE-2021-38901 | Information Exposure vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local user to obtain highly sensitive information. | 5.5 |
| 2021-02-15 | CVE-2020-4956 | Resource Exhaustion vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 7.1 and 8.1 is vulnerable to a denial of service, caused by a RPC that allows certain cache values to be set and dumped to a file. | 4.8 |
| 2021-02-15 | CVE-2020-4954 | Session Fixation vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to bypass authentication restrictions, caused by improper session validation . | 5.4 |
| 2020-11-23 | CVE-2020-4771 | Improper Authentication vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.10.and 7.1.0.000 through 7.1.11 could allow a remote attacker to obtain sensitive information, caused by improper authentication of a websocket endpoint. | 5.3 |
| 2019-07-02 | CVE-2019-4129 | Information Exposure Through an Error Message vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to obtain sensitive information, caused by an error message containing a stack trace. | 5.3 |