Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Spectrum Protect  Security Vulnerabilities
CVE-2020-4213
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175024.
CVSS Score
9.8
EPSS Score
0.289
Published
2020-02-24
CVE-2020-4222
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175091.
CVSS Score
9.8
EPSS Score
0.289
Published
2020-02-24
CVE-2018-2025
IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. IBM X-Force ID: 155551.
CVSS Score
5.1
EPSS Score
0.001
Published
2019-11-25
CVE-2019-4236
A IBM Spectrum Protect 7.l client backup or archive operation running for an HP-UX VxFS object is silently skipping Access Control List (ACL) entries from backup or archive if there are more than twelve ACL entries associated with the object in total. As a result, it could allow a local attacker to restore or retrieve the object with incorrect ACL entries. IBM X-Force ID: 159418.
CVSS Score
5.1
EPSS Score
0.0
Published
2019-07-22
CVE-2019-4267
The IBM Spectrum Protect 7.1 and 8.1 Backup-Archive Client is vulnerable to a buffer overflow. This could allow execution of arbitrary code on the local system or the application to crash. IBM X-Force ID: 160200.
CVSS Score
4.9
EPSS Score
0.001
Published
2019-07-22
CVE-2019-4140
IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) could allow a local user to replace existing databases by restoring old data. IBM X-Force ID: 158336.
CVSS Score
6.3
EPSS Score
0.0
Published
2019-07-02
CVE-2019-4093
IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and directories using IBM Spectrum Prootect Client Web User Interface on Windows that they should not have access to due to incorrect file permissions. IBM X-Force ID: 157981.
CVSS Score
5.1
EPSS Score
0.001
Published
2019-04-02
CVE-2018-1786
IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871.
CVSS Score
5.3
EPSS Score
0.004
Published
2018-11-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved