Computer vulnerabilities of IBM Spectrum Protect

IBM Spectrum Protect Operations Center: information disclosure via Websocket
An attacker can bypass access restrictions to data via Websocket of IBM Spectrum Protect Operations Center, in order to obtain sensitive information...
6369101, CVE-2020-4771, VIGILANCE-VUL-33963

IBM Spectrum Protect Plus Linux: information disclosure via TLS Version 1.1
An attacker can bypass access restrictions to data via TLS Version 1.1 of IBM Spectrum Protect Plus Linux, in order to obtain sensitive information...
6368601, CVE-2020-4783, VIGILANCE-VUL-33952

FasterXML Jackson Databind: code execution via br.com.anteros-Anteros-DBC
An attacker can use a vulnerability via br.com.anteros:Anteros-DBC of FasterXML Jackson Databind, in order to run code...
2798, 2814, 6367943, cpujan2021, CVE-2020-24616, VIGILANCE-VUL-33951

Node.js jquery: Cross Site Scripting via Script Whitespace
An attacker can trigger a Cross Site Scripting via Script Whitespace of Node.js jquery, in order to run JavaScript code in the context of the web site...
6367943, CVE-2020-7656, NTAP-20200528-0001, VIGILANCE-VUL-33950

Spring Security: information disclosure via CBC Null Initialization Vector
An attacker can bypass access restrictions to data via CBC Null Initialization Vector of Spring Security, in order to obtain sensitive information...
6344075, 6367943, cpujan2021, cpuoct2020, CVE-2020-5408, VIGILANCE-VUL-33518

urllib3: information disclosure via CRLF Injection
An attacker can bypass access restrictions to data via CRLF Injection of urllib3, in order to obtain sensitive information...
6378264, CVE-2020-26137, openSUSE-SU-2020:2237-1, openSUSE-SU-2020:2282-1, RHSA-2020:4299-01, SUSE-SU-2020:3723-1, USN-4570-1, VIGILANCE-VUL-33484

FasterXML Jackson Databind: code execution via com.pastdev.httpcomponents.configuration.JndiConfiguration
An attacker can use a vulnerability via com.pastdev.httpcomponents.configuration.JndiConfiguration of FasterXML Jackson Databind, in order to run code...
2798, 6367943, cpujan2021, CVE-2020-24750, RHSA-2020:4173-01, VIGILANCE-VUL-33365

Node Core: information disclosure via CR-to-Hyphen HTTP Request Smuggling
An attacker can bypass access restrictions to data via CR-to-Hyphen HTTP Request Smuggling of Node Core, in order to obtain sensitive information...
6367943, CERTFR-2020-AVI-680, CVE-2020-8201, FEDORA-2020-43d5a372fc, FEDORA-2020-74bf23e1f1, FEDORA-2020-c605353480, FEDORA-2020-eb942ee0db, openSUSE-SU-2020:1616-1, RHSA-2020:4272-01, RHSA-2020:4903-01, RHSA-2020:5086-01, STORM-2020-027, STORM-2020-028, SUSE-SU-2020:2812-1, SUSE-SU-2020:2813-1, VIGILANCE-VUL-33334

Node Core: buffer overflow via fs.realpath.native
An attacker can trigger a buffer overflow via fs.realpath.native of Node Core, in order to trigger a denial of service, and possibly to run code...
6367943, CERTFR-2020-AVI-680, CVE-2020-8252, FEDORA-2020-43d5a372fc, FEDORA-2020-74bf23e1f1, FEDORA-2020-c605353480, FEDORA-2020-eb942ee0db, openSUSE-SU-2020:1616-1, openSUSE-SU-2020:1660-1, RHSA-2020:4272-01, RHSA-2020:4903-01, RHSA-2020:5086-01, STORM-2020-027, STORM-2020-028, SUSE-SU-2020:2812-1, SUSE-SU-2020:2813-1, SUSE-SU-2020:2823-1, SUSE-SU-2020:2830-1, USN-4548-1, VIGILANCE-VUL-33333

IBM Spectrum Protect Plus: two vulnerabilities
An attacker can use several vulnerabilities of IBM Spectrum Protect Plus...
6328867, CERTFR-2020-AVI-572, CVE-2020-4703, CVE-2020-4711, VIGILANCE-VUL-33329

Our database contains other pages. You can request a free trial to read them.

Display information about IBM Spectrum Protect:

https://www.ibm.com/products/data-protection-and-recovery