Total
44 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-4383 | 1 Ibm | 1 Spectrum Protect Plus | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle or MongoDB databases, a redirected restore operation may result in an escalation of user privileges. IBM X-Force ID: 162165. | |||||
| CVE-2019-4357 | 1 Ibm | 1 Spectrum Protect Plus | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
| When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle, DB2 or MongoDB databases, a redirected restore operation specifying a target path may allow execution of arbitrary code on the system. IBM X-Force ID: 161667, | |||||
| CVE-2019-4385 | 1 Ibm | 1 Spectrum Protect Plus | 2023-12-10 | 2.1 LOW | 6.5 MEDIUM |
| IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect Plus Joblog. This can result in an attacker gaining access to sensitive information as well as vSnap. IBM X-Force ID: 162173. | |||||
| CVE-2018-1768 | 1 Ibm | 1 Spectrum Protect Plus | 2023-12-10 | 2.1 LOW | 7.8 HIGH |
| IBM Spectrum Protect Plus 10.1.0 and 10.1.1 could disclose sensitive information when an authorized user executes a test operation, the user id an password may be displayed in plain text within an instrumentation log file. IBM X-Force ID: 148622. | |||||