Ibm Storage Protect vulnerabilities

CVE-2024-38320 [HIGH] CWE-327 CVE-2024-38320: IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup- IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

CVE-2023-35897 [HIGH] CWE-94 CVE-2023-35897: IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19. IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246.

CVE-2023-40368 [MEDIUM] CWE-200 CVE-2023-40368: IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive infor IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive information from the administrative command line client. IBM X-Force ID: 263456.

CVE-2023-33832 [MEDIUM] CWE-20 CVE-2023-33832: IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012.