Vulnerabilities > IBM > Spectrum Protect Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-30 | CVE-2022-22487 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Spectrum Protect Server An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. | 9.8 |
| 2022-06-30 | CVE-2022-22496 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Spectrum Protect Server While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. | 6.5 |
| 2020-08-28 | CVE-2020-4591 | Missing Encryption of Sensitive Data vulnerability in IBM Spectrum Protect Server IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. | 3.3 |
| 2018-11-02 | CVE-2018-1788 | Information Exposure Through Log Files vulnerability in IBM Spectrum Protect Server IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace logs to a local privileged user. | 4.4 |