CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38320 – IBM Storage Protect for Virtual Environments: Data Protection for VMware information disclosure
https://notcve.org/view.php?id=CVE-2024-38320
27 Jan 2025 — IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive inf... • https://www.ibm.com/support/pages/node/7173462 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38329 – IBM Storage Protect for Virtual Environments: Data Protection for VMware security bypass
https://notcve.org/view.php?id=CVE-2024-38329
19 Jun 2024 — IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0 could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of user permission. By sending a specially crafted request, an attacker could exploit this vulnerability to change its settings, trigger backups, restore backups, and also delete all previous backups via log rotation. IBM X-Force ID: 294994. IBM Storage Protect for Virtual Environments: Data Protection for... • https://exchange.xforce.ibmcloud.com/vulnerabilities/294994 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-1987
https://notcve.org/view.php?id=CVE-2018-1987
02 Aug 2019 — IBM Spectrum Protect for Enterprise Resource Planning 7.1 and 8.1, if tracing is activated, the IBM Spectrum Protect node password may be displayed in plain text in the ERP trace file. IBM X-Force ID: 154280. Spectrum Protect de IBM para Enterprise Resource Planning versión 7.1 y 8.1, si el rastreo está activado, la contraseña del nodo de IBM Spectrum Protect puede mostrarse en texto plano en el archivo de rastreo ERP. ID de IBM X-Force: 154280. • http://www.ibm.com/support/docview.wss?uid=ibm10883782 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2018-1786
https://notcve.org/view.php?id=CVE-2018-1786
12 Nov 2018 — IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871. Los procesos dsmc y dsmcad de IBM Spectrum Protect 7.1 y 8.1 acumulan incorrectamente sockets TCP/IP en un estado CLOSE_WAIT. Esto puede provocar el filtrado del recurso TCP/IP y podría resultar en una denegación de servicio (DoS). • http://www.ibm.com/support/docview.wss?uid=ibm10738765 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 18EXPL: 0CVE-2016-6033
https://notcve.org/view.php?id=CVE-2016-6033
15 Feb 2017 — IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 1995545. IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) es vulnerable CSRF lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas desde un usuario en el que la página web confía. IBM Referencia #: 19955... • http://www.ibm.com/support/docview.wss?uid=swg21995545 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2016-6110
https://notcve.org/view.php?id=CVE-2016-6110
01 Feb 2017 — IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user. Tivoli Storage Manager de IBM, revela credenciales de inicio de sesión no cifradas en vCenter de Vmware que podrían ser obtenidas por un usuario local. • http://www.ibm.com/support/docview.wss?uid=swg21996198 • CWE-255: Credentials Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2016-6034
https://notcve.org/view.php?id=CVE-2016-6034
01 Feb 2017 — IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges. IBM Tivoli Storage Manager para Virtual Environments (VMware) podría revelar las credenciales de dominio de Windows a un usuario con un alto nivel de privilegios. • http://www.ibm.com/support/docview.wss?uid=swg21995544 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3059
https://notcve.org/view.php?id=CVE-2016-3059
08 Aug 2016 — IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka IBM Spectrum Protect for Databases) 6.3 before 6.3.1.7 and 6.4 before 6.4.1.9 and Tivoli Storage FlashCopy Manager for Microsoft SQL Server (aka IBM Spectrum Protect Snapshot) 3.1 before 3.1.1.7 and 3.2 before 3.2.1.9 allow local users to discover a cleartext SQL Server password by reading the Task List in the MMC GUI. IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (también conocido co... • http://www-01.ibm.com/support/docview.wss?uid=swg21987333 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 9%CPEs: 18EXPL: 0CVE-2015-7425
https://notcve.org/view.php?id=CVE-2015-7425
21 Feb 2016 — The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.4 and Tivoli Storage FlashCopy Manager for VMware (aka Spectrum Protect Snapshot) 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.4 allows remote attackers to obtain administrative privileges via a crafted URL that triggers back-end function execution. El... • http://www-01.ibm.com/support/docview.wss?uid=swg21973086 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 55EXPL: 0CVE-2015-7404
https://notcve.org/view.php?id=CVE-2015-7404
14 Nov 2015 — IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka Spectrum Protect for Databases) 5.5 before 5.5.6.2, 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server (aka Spectrum Protect for Mail) 5.5 before 5.5.1.1, 6.1 and 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; and Tivoli Storage FlashCopy Manager for Windows (aka Spectrum Protect Snapshot) 2.x and 3.1 before 3.1.1.6, ... • http://www-01.ibm.com/support/docview.wss?uid=swg1IT11349 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •