cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-38320,https://securityvulnerability.io/vulnerability/CVE-2024-38320,Cryptographic Vulnerability in IBM Storage Protect for Virtual Environments,"IBM Storage Protect for Virtual Environments, including the Data Protection for VMware and the Backup-Archive Client versions 8.1.0.0 through 8.1.23.0, utilizes cryptographic algorithms that are weaker than expected. This vulnerability may allow an unauthorized attacker to decrypt highly sensitive information, posing a significant risk to the confidentiality of the data being protected.",IBM,"Storage Protect For Virtual Environments: Data Protection For Vmware,Storage Protect Backup-archive Client",5.9,MEDIUM,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-01-27T15:43:06.712Z,0
CVE-2024-38329,https://securityvulnerability.io/vulnerability/CVE-2024-38329,IBM Storage Protect for Virtual Environments: Data Protection for VMware security bypass,"IBM Storage Protect for Virtual Environments, specifically versions 8.1.0.0 through 8.1.22.0, is susceptible to a security vulnerability that may allow remote authenticated attackers to bypass critical security restrictions. This flaw arises from the inadequate validation of user permissions. A malicious actor could exploit this vulnerability through specially crafted requests. Potential consequences include unauthorized modifications of configuration settings, initiating or restoring backups, and the deletion of all historical backups via log rotation. This vulnerability poses significant risks to data integrity and recovery processes.",IBM,Storage Protect For Virtual Environments: Data Protection For Vmware,7.7,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-19T13:43:41.191Z,0
CVE-2023-35897,https://securityvulnerability.io/vulnerability/CVE-2023-35897,IBM Spectrum Protect code execution,"A vulnerability in IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments allows local users to execute arbitrary code by exploiting a DLL hijacking flaw. This security issue affects multiple versions, potentially leading to unauthorized access and manipulation of system resources. Users are advised to review IBM's security advisory for necessary updates and mitigation strategies.",IBM,"Storage Protect Client,Storage Protect For Virtual Environments",8.4,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-10-06T14:15:00.000Z,0
CVE-2023-40368,https://securityvulnerability.io/vulnerability/CVE-2023-40368,IBM Storage Protect information disclosure,IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive information from the administrative command line client.  IBM X-Force ID:  263456.,IBM,"Storage Protect Client,Storage Protect For Space Management,Storage Protect For Virtual Environments",4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-09-20T19:15:00.000Z,0
CVE-2015-7425,https://securityvulnerability.io/vulnerability/CVE-2015-7425,,"The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.4 and Tivoli Storage FlashCopy Manager for VMware (aka Spectrum Protect Snapshot) 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.4 allows remote attackers to obtain administrative privileges via a crafted URL that triggers back-end function execution.",IBM,"Tivoli Storage Flashcopy Manager For Vmware,Tivoli Storage Manager For Virtual Environments Data Protection For Vmware",10,CRITICAL,0.007089999970048666,false,,false,false,false,,,false,false,,2016-02-21T18:00:00.000Z,0