Skip to main content

Spectrum Protect For Space Management

7 CVEs product

Monthly

CVE-2023-33832 MEDIUM PATCH This Month

IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. Rated medium severity (CVSS 4.7).

Denial Of Service IBM Spectrum Protect Client Spectrum Protect For Space Management Spectrum Protect For Virtual Environments
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2021-39048 MEDIUM PATCH This Month

IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Denial Of Service IBM Memory Corruption Spectrum Protect Backup Archive Client +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-29672 HIGH PATCH This Week

IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow IBM Memory Corruption RCE Spectrum Protect Client +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-20546 MEDIUM PATCH This Month

IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow IBM Memory Corruption Spectrum Protect Client Spectrum Protect For Space Management
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-4494 HIGH This Week

IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Microsoft Authentication Bypass Spectrum Protect Client Spectrum Protect For Space Management
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2020-4406 MEDIUM This Month

IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Microsoft Spectrum Protect Client Spectrum Protect For Space Management
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2018-1447 HIGH PATCH This Week

The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6) CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

IBM Information Disclosure Spectrum Protect For Space Management Spectrum Protect For Virtual Environments Spectrum Protect Snapshot
NVD
CVSS 3.0
8.1
EPSS
0.9%
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. Rated medium severity (CVSS 4.7).

Denial Of Service IBM Spectrum Protect Client +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Denial Of Service IBM +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow IBM Memory Corruption +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow IBM Memory Corruption +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Microsoft Authentication Bypass +2
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Microsoft +2
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6) CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

IBM Information Disclosure Spectrum Protect For Space Management +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy