Vulnerabilities > IBM > Spectrum Protect > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-12 | CVE-2023-27863 | Unspecified vulnerability in IBM Spectrum Protect 10.1.13 IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. | 4.9 |
2022-05-17 | CVE-2022-22484 | Cleartext Storage of Sensitive Information vulnerability in IBM Spectrum Protect IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. | 5.5 |
2021-04-16 | CVE-2021-20491 | Out-of-bounds Write vulnerability in IBM Spectrum Protect IBM Spectrum Protect Server 7.1 and 8.1 is subject to a stack-based buffer overflow caused by improper bounds checking during the parsing of commands. | 4.4 |
2021-01-08 | CVE-2020-5017 | Unspecified vulnerability in IBM Spectrum Protect 10.1.0/10.1.5/10.1.6 IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to information beyond their intended role and permissions. | 5.5 |
2019-11-25 | CVE-2018-2025 | Incorrect Default Permissions vulnerability in IBM products IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. | 4.4 |
2019-07-22 | CVE-2019-4236 | Data Processing Errors vulnerability in IBM Spectrum Protect A IBM Spectrum Protect 7.l client backup or archive operation running for an HP-UX VxFS object is silently skipping Access Control List (ACL) entries from backup or archive if there are more than twelve ACL entries associated with the object in total. | 4.4 |
2019-04-02 | CVE-2019-4093 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Spectrum Protect 8.1.7 IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and directories using IBM Spectrum Prootect Client Web User Interface on Windows that they should not have access to due to incorrect file permissions. | 4.4 |