CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38320 – IBM Storage Protect for Virtual Environments: Data Protection for VMware information disclosure
https://notcve.org/view.php?id=CVE-2024-38320
27 Jan 2025 — IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive inf... • https://www.ibm.com/support/pages/node/7173462 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38329 – IBM Storage Protect for Virtual Environments: Data Protection for VMware security bypass
https://notcve.org/view.php?id=CVE-2024-38329
19 Jun 2024 — IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0 could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of user permission. By sending a specially crafted request, an attacker could exploit this vulnerability to change its settings, trigger backups, restore backups, and also delete all previous backups via log rotation. IBM X-Force ID: 294994. IBM Storage Protect for Virtual Environments: Data Protection for... • https://exchange.xforce.ibmcloud.com/vulnerabilities/294994 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2018-1786
https://notcve.org/view.php?id=CVE-2018-1786
12 Nov 2018 — IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871. Los procesos dsmc y dsmcad de IBM Spectrum Protect 7.1 y 8.1 acumulan incorrectamente sockets TCP/IP en un estado CLOSE_WAIT. Esto puede provocar el filtrado del recurso TCP/IP y podría resultar en una denegación de servicio (DoS). • http://www.ibm.com/support/docview.wss?uid=ibm10738765 • CWE-400: Uncontrolled Resource Consumption •