IBM Spectrum Protect Plus 10.1.10

CPE Details

IBM Spectrum Protect Plus 10.1.10
10.1.10
2022-06-10
13h35 +00:00
2022-06-22
11h55 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:spectrum_protect_plus:10.1.10:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

spectrum_protect_plus

Version

10.1.10

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-47148 2024-02-02 12h51 +00:00 IBM Storage Protect Plus Server 10.1.0 through 10.1.15.2 Admin Console could allow a remote attacker to obtain sensitive information due to improper validation of unsecured endpoints which could be used in further attacks against the system. IBM X-Force ID: 270599.
7.5
High
CVE-2020-4497 2022-12-14 21h50 +00:00 IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. An attacker could obtain information using main in the middle techniques. IBM X-Force ID: 182106.
6.8
Medium
CVE-2022-40608 2022-09-19 17h25 +00:00 IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the operator should not have access to. IBM X-Force ID: 235873.
7.5
High
CVE-2022-40234 2022-09-19 17h25 +00:00 Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. If this generated .crt file is shared, an attacker can obtain the private key information for the uploaded certificate. IBM X-Force ID: 235718.
5.9
Medium
CVE-2021-3669 2022-08-26 13h25 +00:00 A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.
5.5
Medium