Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Spectrum Protect Client
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-33832 2 Ibm, Linux 5 Aix, Spectrum Protect Client, Spectrum Protect For Space Management and 2 more 2024-02-28 N/A 4.7 MEDIUM
IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012.
CVE-2022-22478 6 Apple, Hp, Ibm and 3 more 7 Macos, Hp-ux, Aix and 4 more 2024-02-28 2.1 LOW 5.5 MEDIUM
IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886.
CVE-2022-22474 1 Ibm 1 Spectrum Protect Client 2024-02-28 5.0 MEDIUM 7.5 HIGH
IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations. IBM X-Force ID: 225348.
CVE-2021-20546 1 Ibm 2 Spectrum Protect Client, Spectrum Protect For Space Management 2024-02-28 2.1 LOW 5.5 MEDIUM
IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and cause the application to crash. IBM X-Force ID: 198934
CVE-2021-29672 1 Ibm 2 Spectrum Protect Client, Spectrum Protect For Space Management 2024-02-28 7.2 HIGH 7.8 HIGH
IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. A local attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the application to crash. IBM X-Force ID: 199479
CVE-2020-4406 3 Ibm, Linux, Microsoft 5 Aix, Spectrum Protect Client, Spectrum Protect For Space Management and 2 more 2024-02-28 3.5 LOW 5.4 MEDIUM
IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 179488.
CVE-2020-4494 3 Ibm, Linux, Microsoft 5 Aix, Spectrum Protect Client, Spectrum Protect For Space Management and 2 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication due to improper session validation which can result in access to unauthorized resources. IBM X-Force ID: 182019.
CVE-2018-1545 2 Apple, Ibm 3 Macos, Spectrum Protect Client, Spectrum Protect For Virtual Environments 2024-02-28 5.0 MEDIUM 7.5 HIGH
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 142649.
CVE-2018-1785 2 Apple, Ibm 3 Macos, Spectrum Protect Client, Spectrum Protect For Virtual Environments 2024-02-28 5.0 MEDIUM 7.5 HIGH
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870.