cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-27863,https://securityvulnerability.io/vulnerability/CVE-2023-27863,IBM Spectrum Protect Plus Server information disclosure,"IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325.",IBM,Spectrum Protect Plus Server,4.4,MEDIUM,0.0006200000061653554,false,,false,false,false,,,false,false,,2023-05-12T19:15:00.000Z,0
CVE-2022-22487,https://securityvulnerability.io/vulnerability/CVE-2022-22487,Brute Force Authentication Vulnerability in IBM Spectrum Protect Storage Agent,"The IBM Spectrum Protect storage agent is susceptible to a brute force authentication vulnerability that permits remote attackers to attempt unlimited login attempts without locking the administrative account. This flaw could allow unauthorized individuals to exploit the agent and subsequently gain access to the IBM Spectrum Protect Server it interfaces with, enabling potential unauthorized actions and access to sensitive data.",IBM,Spectrum Protect Server,5.9,MEDIUM,0.002469999948516488,false,,false,false,false,,,false,false,,2022-06-30T17:15:00.000Z,0
CVE-2022-22496,https://securityvulnerability.io/vulnerability/CVE-2022-22496,Offline Dictionary Attack Vulnerability in IBM Spectrum Protect Server,"IBM Spectrum Protect Server versions 8.1.0.000 through 8.1.14 are vulnerable when configured with SESSIONSECURITY=TRANSITIONAL. This setup can expose user accounts to offline dictionary attacks, where an attacker could potentially guess passwords by systematically testing a list of credentials without immediate feedback. It is crucial for impacted users to update configuration settings or upgrade to the latest version to mitigate this risk.",IBM,Spectrum Protect Server,5.3,MEDIUM,0.0005099999834783375,false,,false,false,false,,,false,false,,2022-06-30T17:15:00.000Z,0
CVE-2022-22485,https://securityvulnerability.io/vulnerability/CVE-2022-22485,Brute Force Login Bypass in IBM Spectrum Protect Operations Center,"A vulnerability in IBM Spectrum Protect Operations Center allows an attacker to exploit a failure in the login mechanism. When attempts to log in are unsuccessful, the invalid sign-on count does not increment on the IBM Spectrum Protect Server. This loophole can be exploited using brute-force techniques, enabling unauthorized administrative access, posing significant risks to the security and integrity of the server.",IBM,Spectrum Protect Server,5.9,MEDIUM,0.001449999981559813,false,,false,false,false,,,false,false,,2022-06-17T16:15:00.000Z,0
CVE-2022-22394,https://securityvulnerability.io/vulnerability/CVE-2022-22394,Remote Access Control Bypass Vulnerability in IBM Spectrum Protect,"The IBM Spectrum Protect server version 8.1.14.000 is susceptible to a vulnerability that allows remote attackers to bypass established security restrictions. This security flaw arises from inadequately enforced access controls, enabling a malicious user to log in and exploit the oversight. Consequently, the attacker may gain unauthorized administrative or node access to the compromised server, posing significant risks to data integrity and system confidentiality.",IBM,Spectrum Protect Server,7.5,HIGH,0.0018100000452250242,false,,false,false,false,,,false,false,,2022-03-21T17:15:00.000Z,0
CVE-2021-20491,https://securityvulnerability.io/vulnerability/CVE-2021-20491,,"IBM Spectrum Protect Server 7.1 and 8.1 is subject to a stack-based buffer overflow caused by improper bounds checking during the parsing of commands. By issuing such a command with an improper parameter, an authorized administrator could overflow a buffer and cause the server to crash. IBM X-Force ID: 197792.",IBM,Spectrum Protect Server,4.4,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2021-04-16T16:15:00.000Z,0
CVE-2020-4591,https://securityvulnerability.io/vulnerability/CVE-2020-4591,,IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746.,IBM,Spectrum Protect Server,2.9,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-08-28T15:15:00.000Z,0