Spectrum Protect for Virtual Environments

8.1.0.0

OTHER 2 CVEs

8.1

MAJOR_MINOR 2 CVEs

7.1.0.0

OTHER 1 CVE

7.1

MAJOR_MINOR 2 CVEs

7.1.8.5

OTHER 1 CVE

8.1.11.0

OTHER 1 CVE

8.1.8.0

OTHER 1 CVE

CVE-2021-20532

IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. IBM X-Force ID: 198811.

HIGH Apr 26, 2021

CVE-2018-2025

IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. IBM X-Force ID: 155551.

MEDIUM Nov 25, 2019

CVE-2018-1447

The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6) CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of passwords. A weak password may be recovered. Note: After update the customer should change password to ensure the new password is stored more securely. Products should encourage customers to take this step as a high priority action. IBM X-Force ID: 139972.

MEDIUM Apr 04, 2018

CVE-2017-1378

IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. IBM X-Force ID: 126875.

UNKNOWN Oct 05, 2017