CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2023-33832 – IBM Storage Protect denial of service
https://notcve.org/view.php?id=CVE-2023-33832
19 Jul 2023 — IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012. • https://exchange.xforce.ibmcloud.com/vulnerabilities/256012 • CWE-20: Improper Input Validation CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28956 – IBM Spectrum Protect Backup-Archive Client privilege escalation
https://notcve.org/view.php?id=CVE-2023-28956
22 Jun 2023 — IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls. IBM X-Force ID: 251767. IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251767 • CWE-266: Incorrect Privilege Assignment •
CVSS: 6.2EPSS: 0%CPEs: 7EXPL: 0CVE-2022-22478
https://notcve.org/view.php?id=CVE-2022-22478
30 Jun 2022 — IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886. IBM Spectrum Protect Client versiones 8.1.0.0 hasta 8.1.14.0, almacena las credenciales de usuario en texto sin cifrar que puede leer un usuario local. IBM X-Force ID: 225886 • https://exchange.xforce.ibmcloud.com/vulnerabilities/225886 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22474
https://notcve.org/view.php?id=CVE-2022-22474
30 Jun 2022 — IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations. IBM X-Force ID: 225348. Los procesos dsmcad, dsmc y dsmcsvc de IBM Spectrum Protect versiones 8.1.0.0 hasta 8.1.14.0, manejan inapropiadamente determinadas operaciones de lectura en sockets TCP/IP. Esto puede resultar en una denegación de servicio para las operaciones de cliente de IB... • https://exchange.xforce.ibmcloud.com/vulnerabilities/225348 •
CVSS: 6.2EPSS: 0%CPEs: 15EXPL: 0CVE-2021-39048 – Gentoo Linux Security Advisory 202209-02
https://notcve.org/view.php?id=CVE-2021-39048
13 Dec 2021 — IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438. IBM Spectrum Protect Client versiones 7.1 y 8.1, es vulnerable a un desbordamiento del búfer en la región stack de la memoria, causado por una comprobación inapropiada de límites. Un atacante local podría aprovechar esta vulnerabilidad y causar una denegación de servicio. • https://exchange.xforce.ibmcloud.com/vulnerabilities/214438 • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29672 – Gentoo Linux Security Advisory 202209-02
https://notcve.org/view.php?id=CVE-2021-29672
26 Apr 2021 — IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. A local attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the application to crash. IBM X-Force ID: 199479 IBM Spectrum Protect Client versiones 8.1.0.0-8 hasta 1.11.0, es vulnerable a un desbordamiento del búfer en la región stack de la memoria, causado por una comprobaci... • https://exchange.xforce.ibmcloud.com/vulnerabilities/199479 • CWE-787: Out-of-bounds Write •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2021-20546
https://notcve.org/view.php?id=CVE-2021-20546
26 Apr 2021 — IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and cause the application to crash. IBM X-Force ID: 198934 IBM Spectrum Protect Client versiones 8.1.0.0 hasta 8.1.11.0, es vulnerable a un desbordamiento de búfer en la región stack de la memoria, causado por una comprobación de límites inapropiada. Un atacante local podría desbordar un búfer y causar que la aplicación se bloq... • https://exchange.xforce.ibmcloud.com/vulnerabilities/198934 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-20532
https://notcve.org/view.php?id=CVE-2021-20532
26 Apr 2021 — IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. IBM X-Force ID: 198811. IBM Spectrum Protect Client versiones 8.1.0.0 hasta 8.1.11.0, podría permitir a un usuario local escalar sus privilegios para tomar el control total del sistema debido a permisos de directorio no seguros. IBM X-Force ID: 198811 • https://exchange.xforce.ibmcloud.com/vulnerabilities/198811 • CWE-276: Incorrect Default Permissions •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2020-4494
https://notcve.org/view.php?id=CVE-2020-4494
15 Jun 2020 — IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication due to improper session validation which can result in access to unauthorized resources. IBM X-Force ID: 182019. IBM Spectrum Protect Client versiones 8.1.7.0 hasta 8.1.9.1 (Linux y Windows), versiones 8.1.9.0 hasta 8.1.9.1 (AIX) e ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/182019 • CWE-287: Improper Authentication •
CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 0CVE-2020-4406
https://notcve.org/view.php?id=CVE-2020-4406
15 Jun 2020 — IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Fo... • https://exchange.xforce.ibmcloud.com/vulnerabilities/179488 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •