7 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0

IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871. Los procesos dsmc y dsmcad de IBM Spectrum Protect 7.1 y 8.1 acumulan incorrectamente sockets TCP/IP en un estado CLOSE_WAIT. Esto puede provocar el filtrado del recurso TCP/IP y podría resultar en una denegación de servicio (DoS). • http://www.ibm.com/support/docview.wss?uid=ibm10738765 http://www.securityfocus.com/bid/105940 https://exchange.xforce.ibmcloud.com/vulnerabilities/148871 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.2EPSS: 0%CPEs: 7EXPL: 0

IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users. IBM X-Force ID: 142696. IBM Spectrum Protect 7.1 y 8.1 podría permitir que un usuario local corrompa o elimine información altamente sensible que provocaría una denegación de servicio (DoS) en otros usuarios. IBM X-Force ID: 142696. • http://www.ibm.com/support/docview.wss?uid=ibm10719401 https://exchange.xforce.ibmcloud.com/vulnerabilities/142696 • CWE-269: Improper Privilege Management •

CVSS: 5.5EPSS: 0%CPEs: 62EXPL: 0

IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM Spectrum Protect Backup-archive Client creates temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. IBM X-Force ID: 125163. IBM Spectrum Protect 7.1 y 8.1 podría permitir que un atacante local realice un ataque symlink. • http://www.ibm.com/support/docview.wss?uid=swg22006248 http://www.securityfocus.com/bid/101107 https://exchange.xforce.ibmcloud.com/vulnerabilities/125163 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0

IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. IBM X-Force ID: 126875. IBM Spectrum Protect 7.1 y 8.1 (anteriormente Tivoli Storage Manager) revela las credenciales sin cifrar de inicio de sesión de Vmware vCenter en la salida de la traza de la aplicación, las cuales las puede obtener un usuario local. IBM X-Force ID: 126875. • http://www.ibm.com/support/docview.wss?uid=swg22006215 https://exchange.xforce.ibmcloud.com/vulnerabilities/126875 • CWE-522: Insufficiently Protected Credentials •

CVSS: 9.8EPSS: 0%CPEs: 65EXPL: 0

The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. An attacker could gain user or administrative access to the TSM server. IBM X-Force ID: 118750. El protocolo de autenticación por defecto de IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 y 8.1) es vulnerable a ataques de fuerza bruta ya que revela demasiada información durante el proceso de autenticación. Un atacante podría obtener acceso administrativo o de usuario al servidor TSM. • http://www.ibm.com/support/docview.wss?uid=swg22007935 https://exchange.xforce.ibmcloud.com/vulnerabilities/118750 • CWE-287: Improper Authentication •