CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2023-33832 – IBM Storage Protect denial of service
https://notcve.org/view.php?id=CVE-2023-33832
IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012. • https://exchange.xforce.ibmcloud.com/vulnerabilities/256012 https://www.ibm.com/support/pages/node/7011761 • CWE-20: Improper Input Validation CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-20532
https://notcve.org/view.php?id=CVE-2021-20532
IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. IBM X-Force ID: 198811. IBM Spectrum Protect Client versiones 8.1.0.0 hasta 8.1.11.0, podría permitir a un usuario local escalar sus privilegios para tomar el control total del sistema debido a permisos de directorio no seguros. IBM X-Force ID: 198811 • https://exchange.xforce.ibmcloud.com/vulnerabilities/198811 https://www.ibm.com/support/pages/node/6445503 • CWE-276: Incorrect Default Permissions •
CVSS: 5.1EPSS: 0%CPEs: 6EXPL: 0CVE-2018-2025
https://notcve.org/view.php?id=CVE-2018-2025
IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. IBM X-Force ID: 155551. IBM Spectrum Protect Backup-Archive Client e IBM Spectrum Protect for Virtual Environments versiones 7.1 y 8.1, crean directorios y archivos en el subdirectorio CIT que pueden ser leído y escrito por todos. ID de IBM X-Force: 155551. • https://exchange.xforce.ibmcloud.com/vulnerabilities/155551 https://www.ibm.com/support/pages/node/1107261 • CWE-276: Incorrect Default Permissions •
CVSS: 4.7EPSS: 0%CPEs: 14EXPL: 0CVE-2018-1882
https://notcve.org/view.php?id=CVE-2018-1882
In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be displayed in plain text in the IBM Spectrum Protect client trace file. IBM X-Force ID: 151968. En ciertas configuraciones atípicas de IBM Spectrum Protect versiones 7.1 y 8.1, la contraseña del nodo podría mostrarse en texto plano en el archivo de rastreo del cliente de IBM Spectrum Protect. ID de IBM X-Force: 151968. • http://www.ibm.com/support/docview.wss?uid=ibm10869208 http://www.ibm.com/support/docview.wss?uid=ibm10869436 http://www.securityfocus.com/bid/107861 https://exchange.xforce.ibmcloud.com/vulnerabilities/151968 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2018-1787
https://notcve.org/view.php?id=CVE-2018-1787
IBM Spectrum Protect 7.1 and 8.1 is affected by a password exposure vulnerability caused by insecure file permissions. IBM X-Force ID: 148872. IBM Spectrum Protect versiones 7.1 y 8.1, se ve afectado por una vulnerabilidad de exposición de contraseña causada por permisos de archivos no seguros. ID de IBM X-Force: 148872. • http://www.ibm.com/support/docview.wss?uid=ibm10869602 https://exchange.xforce.ibmcloud.com/vulnerabilities/148872 • CWE-732: Incorrect Permission Assignment for Critical Resource •