Skip to main content

Spectrum Protect For Virtual Environments

7 CVEs product

Monthly

CVE-2023-33832 MEDIUM PATCH This Month

IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. Rated medium severity (CVSS 4.7).

Denial Of Service IBM Spectrum Protect Client Spectrum Protect For Space Management Spectrum Protect For Virtual Environments
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2021-20532 HIGH This Week

IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Privilege Escalation Spectrum Protect Backup Archive Client Spectrum Protect For Virtual Environments
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2018-1785 HIGH This Week

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Spectrum Protect Client Spectrum Protect For Virtual Environments
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2018-1545 HIGH This Week

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Spectrum Protect Client Spectrum Protect For Virtual Environments
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2018-1447 HIGH PATCH This Week

The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6) CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

IBM Information Disclosure Spectrum Protect For Space Management Spectrum Protect For Virtual Environments Spectrum Protect Snapshot
NVD
CVSS 3.0
8.1
EPSS
0.9%
CVE-2015-7426 CRITICAL Act Now

The Data Protection extension in the VMware GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 7.1 before 7.1.3.0. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Command Injection VMware Spectrum Protect For Virtual Environments Spectrum Protect Snapshot
NVD
CVSS 3.0
10.0
EPSS
2.7%
CVE-2015-7429 HIGH This Week

The Data Protection extension in the VMware GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 7.1 before 7.1.4 and. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM Information Disclosure VMware Spectrum Protect For Virtual Environments Spectrum Protect Snapshot
NVD
CVSS 3.0
8.5
EPSS
0.3%
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. Rated medium severity (CVSS 4.7).

Denial Of Service IBM Spectrum Protect Client +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Privilege Escalation Spectrum Protect Backup Archive Client +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Spectrum Protect Client +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Spectrum Protect Client +1
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6) CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

IBM Information Disclosure Spectrum Protect For Space Management +2
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

The Data Protection extension in the VMware GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 7.1 before 7.1.3.0. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Command Injection VMware +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

The Data Protection extension in the VMware GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 7.1 before 7.1.4 and. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM Information Disclosure VMware +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy