Search Results for "Spectrum Control"

Security Bulletin: Vulnerability in remote support authentication affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

May 10, 2022 | Medium Severity

A vulnerability in the challenge / response authentication mechanism used by IBM remote support may allow unauthorized access as credentials can be reused on the product's management GUI. ...read more


Security Bulletin: IBM Spectrum Protect 8.1.14.000 Server is vulnerable to bypass of security restrictions (CVE-2022-22394)

March 18, 2022 | High Severity

IBM Spectrum Protect 8.1.14.000 Server could allow a remote attacker to bypass security restrictions due to improper enforcement of access controls. ...read more


Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to IBM Dojo (CVE-2021-234550), Java SE (CVE-2021-35578), IBM WebSphere Application Server – Liberty (CVE-2021-39031), Apache Log4j (CVE-2021-44832) and Gson (217225)

March 7, 2022 | Critical Severity

IBM Spectrum Control has multiple vulnerabilities: arbitrary code execution due to Apache Log4j (CVE-2021-44832) and Dojo (CVE-2021-23450), denial of service due to Java SE (CVE-2021-35578) and Gson (217225) and LDAP injection due to IBM Websphere Application Security - Liberty (CVE-2021-39031). The fix includes Apache Log4j 2.17.1. ...read more


Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to IBM Dojo (CVE-2021-234550), Java SE (CVE-2021-35578), IBM WebSphere Application Server – Liberty (CVE-2021-39031), Apache Log4j (CVE-2021-44832) and Gson (217225)

March 3, 2022 | Critical Severity

IBM Spectrum Control has multiple vulnerabilities: arbitrary code execution due to Apache Log4j (CVE-2021-44832) and Dojo (CVE-2021-23450), denial of service due to Java SE (CVE-2021-35578) and Gson (217225) and LDAP injection due to IBM Websphere Application Security - Liberty (CVE-2021-39031). The fix includes Apache Log4j 2.17.1. ...read more


An update on the Apache Log4j 2.x vulnerabilities

February 11, 2022 | Critical Severity

Updated February 11, 3:42pm: IBM’s top priority remains the security of our clients and products. IBM is actively responding to the remote code execution vulnerability in the Apache Log4j 2 Java library dubbed Log4Shell (or LogJam). ...read more


Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

January 17, 2022 | High Severity

A vulnerability in Apache Tomcat affects the product's management GUI, potentially allowing an attacker to cause a denial of service. The Command Line Interface is unaffected. ...read more


Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Control (CVE-2021-44228)

January 10, 2022 | Critical Severity

A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect IBM Spectrum Control due to its use of Log4j for logging, tracing, alerting, and the local help documentation. ...read more


Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Control (CVE-2021-4104)

January 7, 2022 | High Severity

A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect IBM Spectrum Control due to its use of Log4j for logging, tracing, alerting, and the local help documentation. ...read more


Security Bulletin: Vulnerabilities in Apache Log4j affect IBM Spectrum Control (CVE-2021-45105, CVE-2021-45046)

January 7, 2022 | Critical Severity

There are two vulnerabilities in Apache Log4j: denial of service (CVE-2021-45105) and remote code execution (CVE-2021-45046). These vulnerabilities may affect IBM Spectrum Control due to its use of Log4j for logging, tracing, alerting, and the local help documentation. The fix includes Apache Log4j 2.17. ...read more