Vulnerabilities > IBM > Spectrum Protect Plus > 10.1.9.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-02 | CVE-2023-47148 | Missing Authorization vulnerability in IBM Spectrum Protect Plus IBM Storage Protect Plus Server 10.1.0 through 10.1.15.2 Admin Console could allow a remote attacker to obtain sensitive information due to improper validation of unsecured endpoints which could be used in further attacks against the system. | 7.5 |
| 2022-12-14 | CVE-2020-4497 | Cleartext Transmission of Sensitive Information vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. | 5.9 |
| 2022-08-26 | CVE-2021-3669 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the Linux kernel. | 5.5 |
| 2022-06-06 | CVE-2022-22396 | Insufficiently Protected Credentials vulnerability in IBM Spectrum Protect Plus Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. | 5.0 |
| 2022-03-14 | CVE-2022-22354 | Unspecified vulnerability in IBM products IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 do not limit the length of a connection which could allow for a Slowloris HTTP denial of service attack to take place. | 5.0 |