Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Spectrum Copy Data Management  >> 2.2.0.0  Security Vulnerabilities
CVE-2021-38947
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 211242.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-12-13
CVE-2021-39052
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the Spring Boot console without authorization. IBM X-Force ID: 214523.
CVSS Score
5.6
EPSS Score
0.005
Published
2021-12-13
CVE-2021-39053
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to obtain sensitive information, caused by the improper handling of requests for Spectrum Copy Data Management Admin Console. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 214524.
CVSS Score
5.9
EPSS Score
0.002
Published
2021-12-13
CVE-2021-39054
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 214525.
CVSS Score
5.4
EPSS Score
0.001
Published
2021-12-13
CVE-2021-39058
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 214617.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-12-13
CVE-2021-39064
IBM Spectrum Copy Data Management 2.2.13 and earlier has weak authentication and password rules and incorrectly handles default credentials for the Spectrum Copy Data Management Admin console. IBM X-Force ID: 214957.
CVSS Score
5.9
EPSS Score
0.002
Published
2021-12-13
CVE-2021-39065
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the Spectrum Copy Data Management Admin Console login and uploadcertificate function . A remote attacker could inject arbitrary shell commands which would be executed on the affected system. IBM X-Force ID: 214958.
CVSS Score
8.1
EPSS Score
0.023
Published
2021-12-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved