Every CVE whose affected-product data names Ibm Spectrum Protect, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2020-4415 — CVSS 9.8 (critical): IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could…
CVE-2020-4210 — CVSS 9.8 (critical): IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially…
CVE-2020-4211 — CVSS 9.8 (critical): IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially…
CVE-2020-4212 — CVSS 9.8 (critical): IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially…
CVE-2020-4213 — CVSS 9.8 (critical): IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially…
CVE-2020-4222 — CVSS 9.8 (critical): IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially…
CVE-2022-22394 — CVSS 8.8 (high): The IBM Spectrum Protect 8.1.14.000 server could allow a remote attacker to bypass security restrictions, caused by improper enforcement of…
CVE-2019-4267 — CVSS 7.8 (high): The IBM Spectrum Protect 7.1 and 8.1 Backup-Archive Client is vulnerable to a buffer overflow. This could allow execution of arbitrary code…
CVE-2020-4559 — CVSS 7.5 (high): IBM Spectrum Protect 7.1 and 8.1 could allow an attacker to cause a denial of service due ti improper validation of user-supplied input…
CVE-2019-4140 — CVSS 7.1 (high): IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) could allow a local user to replace existing databases by restoring…
CVE-2022-22484 — CVSS 5.5 (medium): IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text…
CVE-2020-5017 — CVSS 5.5 (medium): IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to information beyond their intended role and…
CVE-2018-1786 — CVSS 5.3 (medium): IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause…
CVE-2019-4236 — CVSS 4.4 (medium): A IBM Spectrum Protect 7.l client backup or archive operation running for an HP-UX VxFS object is silently skipping Access Control List…
CVE-2021-20491 — CVSS 4.4 (medium): IBM Spectrum Protect Server 7.1 and 8.1 is subject to a stack-based buffer overflow caused by improper bounds checking during the parsing…
CVE-2019-4093 — CVSS 4.4 (medium): IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and directories using IBM Spectrum Prootect…
CVE-2018-2025 — CVSS 4.4 (medium): IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the…
CVE-2023-27863 — CVSS 4.4 (medium): IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be…