Ibm

Spectrum Protect Operations Center

13 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2022-22494

  • EPSS 0.47%
  • Published 30.06.2022 17:15:07
  • Last modified 21.11.2024 06:46:53

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attack...

9.8

CVE-2022-22485

  • EPSS 0.18%
  • Published 17.06.2022 16:15:08
  • Last modified 21.11.2024 06:46:53

In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could ex...

8.8

CVE-2022-22346

  • EPSS 0.09%
  • Published 14.03.2022 17:15:07
  • Last modified 21.11.2024 06:46:40

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force I...

3.5

CVE-2022-22348

  • EPSS 0.04%
  • Published 14.03.2022 17:15:07
  • Last modified 21.11.2024 06:46:40

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administrator could enter a link to a malicious URL that ano...

5.5

CVE-2021-38901

  • EPSS 0.04%
  • Published 13.12.2021 19:15:07
  • Last modified 21.11.2024 06:18:10

IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local user to obtain highly sensitive information. IBM X-Force ID: 209610.

5.4

CVE-2020-4954

  • EPSS 0.09%
  • Published 15.02.2021 15:15:13
  • Last modified 21.11.2024 05:33:28

IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to bypass authentication restrictions, caused by improper session validation . By using the configuration panel to obtain a valid session using an attacker controlled IB...

8

CVE-2020-4955

  • EPSS 1.28%
  • Published 15.02.2021 15:15:13
  • Last modified 21.11.2024 05:33:28

IBM Spectrum Protect Operations Center 7.1 and 8.1could allow a remote attacker to execute arbitrary code on the system, caused by improper parameter validation. By creating an unspecified servlet request with specially crafted input parameters, an a...

4.8

CVE-2020-4956

  • EPSS 0.23%
  • Published 15.02.2021 15:15:13
  • Last modified 21.11.2024 05:33:28

IBM Spectrum Protect Operations Center 7.1 and 8.1 is vulnerable to a denial of service, caused by a RPC that allows certain cache values to be set and dumped to a file. By setting a grossly large cache value and dumping that cached value to a file m...

5.3

CVE-2020-4771

  • EPSS 0.14%
  • Published 23.11.2020 17:15:12
  • Last modified 21.11.2024 05:33:13

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.10.and 7.1.0.000 through 7.1.11 could allow a remote attacker to obtain sensitive information, caused by improper authentication of a websocket endpoint. By using known tools to subscribe t...

9.8

CVE-2020-4693

  • EPSS 0.62%
  • Published 02.09.2020 19:15:18
  • Last modified 21.11.2024 05:33:08

IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior to export. IBM X-Force ID: 186782.