Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-05085
HistoryDec 16, 2021 - 12:00 a.m.

IBM Spectrum Protect Plus Access Control Error Vulnerability

2021-12-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
ibm spectrum protect plus
data protection
security vulnerability
access control
misconfiguration
cors
privileged operations
sensitive information
cnvd

EPSS

0.001

Percentile

44.1%

JSON

IBM Spectrum Protect Plus is a data protection platform from IBM USA. The platform provides enterprises with a single point of control and management, and supports backup and recovery for virtual, physical and cloud environments of all sizes.A security vulnerability exists in IBM Spectrum Protect Plus, which stems from the fact that IBM Spectrum Protect Plus uses cross-source resource sharing (CORS), but is misconfigured in the access control header. An attacker could exploit the vulnerability to perform privileged operations and retrieve sensitive information.

Related

prion 1
cvelist 1
nvd 1
cve 1
ibm 1
prion
prion
Design/Logic Flaw
2021-12-13 19:15:00
cvelist
cvelist
CVE-2021-39063
2021-12-13 18:35:37
nvd
nvd
CVE-2021-39063
2021-12-13 19:15:08
cve
cve
CVE-2021-39063
2021-12-13 19:15:08
ibm
ibm
Security Bulletin: IBM Spectrum Protect Plus is vulnerable to SSRF, MITM, and CORS attacks
2021-12-10 21:03:31

EPSS

0.001

Percentile

44.1%

JSON
Related for CNVD-2022-05085
prion1cvelist1nvd1cve1ibm1