Search
Search Results (9 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-12628 | 1 Ibm | 2 Storage Protect Client, Storage Protect Snapshot For Windows | 2026-06-25 | 9.1 Critical |
| IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hardcoded credential in the FlashCopy Manager (FCM) authentication mechanism. The application contains a static credential embedded in multiple authentication code paths, and does not properly validate authentication responses, which may allow an unauthenticated attacker to establish a trusted session and access protected services. This vulnerability affects client components across multiple versions and may allow an attacker to impersonate legitimate clients, potentially leading to unauthorized access to system resources. | ||||
| CVE-2025-13855 | 3 Ibm, Linux, Microsoft | 5 Aix, Storage Protect, Storage Protect Server and 2 more | 2026-04-03 | 7.6 High |
| IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. | ||||
| CVE-2025-3319 | 1 Ibm | 2 Spectrum Protect Server, Storage Protect Backup Archive Client | 2025-08-24 | 8.1 High |
| IBM Spectrum Protect Server 8.1 through 8.1.26 could allow attacker to bypass authentication due to improper session authentication which can result in access to unauthorized resources. | ||||
| CVE-2024-38320 | 6 Apple, Hp, Ibm and 3 more | 10 Macos, Hp-ux, Aix and 7 more | 2025-08-18 | 5.9 Medium |
| IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | ||||
| CVE-2024-27277 | 1 Ibm | 1 Storage Protect Plus | 2025-02-14 | 6.2 Medium |
| The private key for the IBM Storage Protect Plus Server 10.1.0 through 10.1.16 certificate can be disclosed, undermining the security of the certificate. IBM X-Force ID: 285205. | ||||
| CVE-2024-38329 | 1 Ibm | 1 Storage Protect For Virtual Environments | 2024-11-21 | 7.7 High |
| IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0 could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of user permission. By sending a specially crafted request, an attacker could exploit this vulnerability to change its settings, trigger backups, restore backups, and also delete all previous backups via log rotation. IBM X-Force ID: 294994. | ||||
| CVE-2023-47715 | 1 Ibm | 1 Storage Protect Plus | 2024-11-21 | 4.3 Medium |
| IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could allow an authenticated user with read-only permissions to add or delete entries from an existing HyperVisor configuration. IBM X-Force ID: 271538. | ||||
| CVE-2023-40368 | 1 Ibm | 1 Storage Protect | 2024-11-21 | 4.4 Medium |
| IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive information from the administrative command line client. IBM X-Force ID: 263456. | ||||
| CVE-2023-35897 | 1 Ibm | 2 Storage Protect, Storage Protect Client | 2024-11-21 | 8.4 High |
| IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246. | ||||
Page 1 of 1.