CVE-2025-3319
- EPSS 0.11%
- Veröffentlicht 20.06.2025 14:50:45
- Zuletzt bearbeitet 13.08.2025 14:06:26
IBM Spectrum Protect Server 8.1 through 8.1.26 could allow attacker to bypass authentication due to improper session authentication which can result in access to unauthorized resources.
CVE-2022-22487
- EPSS 0.28%
- Veröffentlicht 30.06.2022 17:15:07
- Zuletzt bearbeitet 21.11.2024 06:46:53
An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability...
CVE-2022-22496
- EPSS 0.13%
- Veröffentlicht 30.06.2022 17:15:07
- Zuletzt bearbeitet 21.11.2024 06:46:54
While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force I...
CVE-2020-4591
- EPSS 0.02%
- Veröffentlicht 28.08.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:32:57
IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746.
CVE-2018-1788
- EPSS 0.07%
- Veröffentlicht 02.11.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:00:22
IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace logs to a local privileged user. IBM X-Force ID: 148873.