Shodan
Vulnerabilities
Vulnerable Software
Ibm:  Security Vulnerabilities
CVE-2021-38950
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when SharedBindingsUserId is set to effective. IBM X-ForceID: 211404.
CVSS Score
7.4
EPSS Score
0.0
Published
2021-12-14
CVE-2021-39050
IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214440.
CVSS Score
5.3
EPSS Score
0.001
Published
2021-12-13
CVE-2021-39057
IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 214616.
CVSS Score
4.2
EPSS Score
0.001
Published
2021-12-13
CVE-2021-39063
IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 214956.
CVSS Score
6.5
EPSS Score
0.001
Published
2021-12-13
CVE-2020-4496
The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connection to an IBM Spectrum Protect Plus workload agent is subject to a man-in-the-middle attack due to improper certificate validation. IBM X-Force ID: 182046.
CVSS Score
6.8
EPSS Score
0.001
Published
2021-12-13
CVE-2021-38901
IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local user to obtain highly sensitive information. IBM X-Force ID: 209610.
CVSS Score
5.1
EPSS Score
0.0
Published
2021-12-13
CVE-2021-39048
IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438.
CVSS Score
6.2
EPSS Score
0.001
Published
2021-12-13
CVE-2021-39049
IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214439.
CVSS Score
5.3
EPSS Score
0.001
Published
2021-12-13
CVE-2021-38947
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 211242.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-12-13
CVE-2021-39052
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the Spring Boot console without authorization. IBM X-Force ID: 214523.
CVSS Score
5.6
EPSS Score
0.005
Published
2021-12-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved