Ibm Storage Protect vulnerabilities
5 known vulnerabilities affecting ibm/storage_protect.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2026-12628P2CRITICALCVSS 9.1≥ 8.1.0.0, < 8.2.1.12026-06-22
CVE-2026-12628 [CRITICAL] CWE-798 CVE-2026-12628: IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.
IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hardcoded credential in the FlashCopy Manager (FCM) authentication mechanism. The application contains a static credential embedded in multiple authentica
nvd
CVE-2024-38320P3HIGHCVSS 7.5≥ 8.1.0.0, < 8.1.24.02025-01-27
CVE-2024-38320 [HIGH] CWE-327 CVE-2024-38320: IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-
IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
nvd
CVE-2023-35897P3HIGHCVSS 7.8≥ 8.1.0.0, ≤ 8.1.19.02023-10-06
CVE-2023-35897 [HIGH] CWE-94 CVE-2023-35897: IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.
IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246.
nvd
CVE-2023-40368P4MEDIUMCVSS 4.4≥ 8.1.0.0, ≤ 8.1.19.02023-09-20
CVE-2023-40368 [MEDIUM] CWE-200 CVE-2023-40368: IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive infor
IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive information from the administrative command line client. IBM X-Force ID: 263456.
nvd
CVE-2023-33832P4MEDIUMCVSS 4.7≥ 8.1.0.0, ≤ 8.1.17.02023-07-19
CVE-2023-33832 [MEDIUM] CWE-20 CVE-2023-33832: IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service
IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012.
nvd