Ibm

Spectrum Protect Operations Center

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2022-22494

  • EPSS 0.47%
  • Veröffentlicht 30.06.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:46:53

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attack...

9.8

CVE-2022-22485

  • EPSS 0.18%
  • Veröffentlicht 17.06.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:53

In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could ex...

8.8

CVE-2022-22346

  • EPSS 0.09%
  • Veröffentlicht 14.03.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:46:40

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force I...

3.5

CVE-2022-22348

  • EPSS 0.04%
  • Veröffentlicht 14.03.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:46:40

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administrator could enter a link to a malicious URL that ano...

5.5

CVE-2021-38901

  • EPSS 0.04%
  • Veröffentlicht 13.12.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 06:18:10

IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local user to obtain highly sensitive information. IBM X-Force ID: 209610.

5.4

CVE-2020-4954

  • EPSS 0.09%
  • Veröffentlicht 15.02.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:33:28

IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to bypass authentication restrictions, caused by improper session validation . By using the configuration panel to obtain a valid session using an attacker controlled IB...

8

CVE-2020-4955

  • EPSS 1.28%
  • Veröffentlicht 15.02.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:33:28

IBM Spectrum Protect Operations Center 7.1 and 8.1could allow a remote attacker to execute arbitrary code on the system, caused by improper parameter validation. By creating an unspecified servlet request with specially crafted input parameters, an a...

4.8

CVE-2020-4956

  • EPSS 0.23%
  • Veröffentlicht 15.02.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:33:28

IBM Spectrum Protect Operations Center 7.1 and 8.1 is vulnerable to a denial of service, caused by a RPC that allows certain cache values to be set and dumped to a file. By setting a grossly large cache value and dumping that cached value to a file m...

5.3

CVE-2020-4771

  • EPSS 0.14%
  • Veröffentlicht 23.11.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:33:13

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.10.and 7.1.0.000 through 7.1.11 could allow a remote attacker to obtain sensitive information, caused by improper authentication of a websocket endpoint. By using known tools to subscribe t...

9.8

CVE-2020-4693

  • EPSS 0.62%
  • Veröffentlicht 02.09.2020 19:15:18
  • Zuletzt bearbeitet 21.11.2024 05:33:08

IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior to export. IBM X-Force ID: 186782.