Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-05086
HistoryDec 16, 2021 - 12:00 a.m.

IBM Spectrum Protect Plus server-side request forgery vulnerability

2021-12-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
ibm spectrum protect plus
server-side request forgery
data protection
network enumeration
security vulnerability

EPSS

0.001

Percentile

23.7%

JSON

IBM Spectrum Protect Plus is a data protection platform from IBM Corporation. The platform provides enterprises with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes.A security vulnerability exists in IBM Spectrum Protect Plus, which stems from a lack of filtering and validation of server-side request forgery on the software server side. An attacker could exploit the vulnerability to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

Related

cve 1
prion 1
cvelist 1
nvd 1
ibm 1
cve
cve
CVE-2021-39057
2021-12-13 19:15:08
prion
prion
Server side request forgery (ssrf)
2021-12-13 19:15:00
cvelist
cvelist
CVE-2021-39057
2021-12-13 18:35:36
nvd
nvd
CVE-2021-39057
2021-12-13 19:15:08
ibm
ibm
Security Bulletin: IBM Spectrum Protect Plus is vulnerable to SSRF, MITM, and CORS attacks
2021-12-10 21:03:31

EPSS

0.001

Percentile

23.7%

JSON
Related for CNVD-2022-05086
cve1prion1cvelist1nvd1ibm1