Search
Total
6056 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-2922 | 2 Netapp, Oracle | 3 Oncommand Workflow Automation, Snapcenter, Mysql | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2019-2923 | 1 Oracle | 1 Mysql | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2019-2924 | 2 Netapp, Oracle | 2 Snapcenter, Mysql | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2019-2930 | 1 Oracle | 1 Field Service | 2020-08-24 | 4.3 MEDIUM | 4.7 MEDIUM |
| Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Wireless). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Field Service. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Field Service, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Field Service accessible data. CVSS 3.0 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N). | |||||
| CVE-2019-2935 | 1 Oracle | 1 Siebel Ui Framework | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI). Supported versions that are affected are 19.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Siebel UI Framework accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2019-2939 | 1 Oracle | 1 Database Server | 2020-08-24 | 4.0 MEDIUM | 5.0 MEDIUM |
| Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via OracleNet to compromise Core RDBMS. While the vulnerability is in Core RDBMS, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Core RDBMS accessible data. CVSS 3.0 Base Score 5.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N). | |||||
| CVE-2019-2952 | 1 Oracle | 1 Food And Beverage Applications | 2020-08-24 | 5.8 MEDIUM | 6.1 MEDIUM |
| Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Reporting and Analytics, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). | |||||
| CVE-2019-2969 | 1 Oracle | 1 Mysql | 2020-08-24 | 2.1 LOW | 6.2 MEDIUM |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). | |||||
| CVE-2019-2980 | 1 Oracle | 1 Flexcube Direct Banking | 2020-08-24 | 6.8 MEDIUM | 6.5 MEDIUM |
| Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: eMail). Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Direct Banking accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). | |||||
| CVE-2019-3001 | 1 Oracle | 1 Peoplesoft Enterprise Scm Eprocurement | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Vulnerability in the PeopleSoft Enterprise SCM eProcurement product of Oracle PeopleSoft (component: eProcurement). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM eProcurement. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise SCM eProcurement accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2019-3018 | 1 Oracle | 1 Mysql | 2020-08-24 | 3.5 LOW | 4.4 MEDIUM |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2019-3019 | 1 Oracle | 1 Banking Digital Experience | 2020-08-24 | 4.9 MEDIUM | 5.4 MEDIUM |
| Vulnerability in the Oracle Banking Digital Experience product of Oracle Financial Services Applications (component: Loan Calculator). Supported versions that are affected are 18.1, 18.2, 18.3 and 19.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Digital Experience. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Banking Digital Experience, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Digital Experience accessible data as well as unauthorized read access to a subset of Oracle Banking Digital Experience accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N). | |||||
| CVE-2019-3592 | 1 Mcafee | 1 Agent | 2020-08-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 HF3, allows local administrator users to potentially disable some McAfee processes by manipulating the MA directory control and placing a carefully constructed file in the MA directory. | |||||
| CVE-2019-3621 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows | 2020-08-24 | 4.6 MEDIUM | 6.2 MEDIUM |
| Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked or when the screen is locked. The attacker requires physical access to the machine. | |||||
| CVE-2019-3629 | 1 Mcafee | 1 Enterprise Security Manager | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially crafted parameters. | |||||
| CVE-2019-3717 | 1 Dell | 482 Chengming 3967, Chengming 3967 Firmware, Chengming 3977 and 479 more | 2020-08-24 | 7.2 HIGH | 6.8 MEDIUM |
| Select Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. An unauthenticated attacker with physical access to the system could potentially bypass intended Secure Boot restrictions to run unsigned and untrusted code on expansion cards installed in the system during platform boot. Refer to https://www.dell.com/support/article/us/en/04/sln317683/dsa-2019-043-dell-client-improper-access-control-vulnerability?lang=en for versions affected by this vulnerability. | |||||
| CVE-2019-3734 | 1 Dell | 2 Emc Unity Operating Environment, Emc Unityvsa Operating Environment | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain an improper authorization vulnerability in NAS Server quotas configuration. A remote authenticated Unisphere Operator could potentially exploit this vulnerability to edit quota configuration of other users. | |||||
| CVE-2019-3852 | 1 Moodle | 1 Moodle | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability was found in moodle before version 3.6.3. The get_with_capability_join and get_users_by_capability functions were not taking context freezing into account when checking user capabilities | |||||
| CVE-2019-3971 | 1 Comodo | 1 Antivirus | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPC_DATAGRAM, which triggers an Access Violation due to hardcoded NULLs used for Source parameter in a memcpy operation that is called for this handler. This results in CmdVirth.exe and its child svchost.exe instances to terminate. | |||||
| CVE-2019-4057 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow malicious user with access to the DB2 instance account to leverage a fenced execution process to execute arbitrary code as root. IBM X-Force ID: 156567. | |||||
| CVE-2019-4084 | 1 Ibm | 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to obtain sensitive information from CLM Applications that could be used in further attacks against the system. IBM X-Force ID: 157384. | |||||
| CVE-2019-4116 | 1 Ibm | 1 Cloud Private | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| IBM Cloud Private 2.1.0, 3.1.0, and 3.1.1 could disclose highly sensitive information in installer logs that could be use for further attacks against the system. IBM X-Force ID: 158115. | |||||
| CVE-2019-4118 | 1 Ibm | 1 Multicloud Manager | 2020-08-24 | 2.1 LOW | 4.4 MEDIUM |
| IBM Multicloud Manager 3.1.0, 3.1.1, and 3.1.2 ibm-mcm-chart could allow a local attacker with admin privileges to obtain highly sensitive information upon deployment. IBM X-Force ID: 158144. | |||||
| CVE-2019-4133 | 1 Ibm | 1 Cloud Automation Manager | 2020-08-24 | 3.6 LOW | 5.2 MEDIUM |
| IBM Cloud Automation Manager 3.1.2 could allow a malicious user on the client side (with access to client computer) to run a custom script. IBM X-Force ID: 158278. | |||||
| CVE-2019-4505 | 1 Ibm | 2 Websphere Application Server, Websphere Virtual Enterprise | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network Deployment could allow a remote attacker to obtain sensitive information, caused by sending a specially-crafted URL. This can lead the attacker to view any file in a certain directory. IBM X-Force ID: 164364. | |||||
| CVE-2019-4163 | 1 Ibm | 1 Storediq | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. IBM X-Force ID: 158696. | |||||
| CVE-2019-4194 | 1 Ibm | 1 Jazz For Service Management | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 is missing function level access control that could allow a user to delete authorized resources. IBM X-Force ID: 159033. | |||||
| CVE-2019-4176 | 1 Ibm | 1 Cognos Controller | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to bypass security restrictions, caused by an error related to insecure HTTP Methods. An attacker could exploit this vulnerability to gain access to the system. IBM X-Force ID: 158881. | |||||
| CVE-2019-4234 | 1 Ibm | 1 Pureapplication System | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor. An attacker by intercepting the subsequent requests can bypass business logic to modify the pattern to unlocked state. IBM X-Force ID: 159416. | |||||
| CVE-2019-4243 | 1 Ibm | 1 Smartcloud Analytics Log Analysis | 2020-08-24 | 3.6 LOW | 4.4 MEDIUM |
| IBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized disclosure of information like accessing solrconfig.xml and could allow an attacker to perform disruptive administrator tasks. IBM X-Force ID: 159517. | |||||
| CVE-2019-4246 | 1 Ibm | 1 Daeja Viewone | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Daeja ViewONE Virtual 5.0 through 5.0.6 could expose internal parameters to ViewONE clients that could be used in further attacks against the system. IBM X-Force ID: 159521. | |||||
| CVE-2019-4259 | 1 Ibm | 1 Spectrum Scale | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| A security vulnerability has been identified in IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 with CES stack enabled that could allow sensitive data to be included with service snaps. IBM X-Force ID: 160011. | |||||
| CVE-2019-4260 | 1 Ibm | 1 Daeja Viewone | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Daeja ViewONE Professional, Standard & Virtual 5.0 through 5.0.5 could allow an unauthorized user to download server files resulting in sensitive information disclosure. IBM X-Force ID: 160012. | |||||
| CVE-2019-4275 | 1 Ibm | 1 Jazz For Service Management | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow an unauthorized local user to create unique catalog names that could cause a denial of service. IBM X-Force ID: 160296. | |||||
| CVE-2019-4293 | 1 Ibm | 1 Storwize Unified V7000 Software | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Storwize V7000 Unified (2073) 1.6 configuration may allow an attacker to reveal the server version in default installation, which could be used in further attacks against the system. IBM X-Force ID: 160699. | |||||
| CVE-2019-4295 | 1 Ibm | 1 Robotic Process Automation With Automation Anywhere | 2020-08-24 | 4.0 MEDIUM | 4.9 MEDIUM |
| IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker with specialized access to obtain highly sensitive from the credential vault. IBM X-Force ID: 160758. | |||||
| CVE-2019-4357 | 1 Ibm | 1 Spectrum Protect Plus | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle, DB2 or MongoDB databases, a redirected restore operation specifying a target path may allow execution of arbitrary code on the system. IBM X-Force ID: 161667, | |||||
| CVE-2019-4334 | 1 Ibm | 1 Cognos Analytics | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Cognos Analytics 11.0 and 11.1 could reveal sensitive information to an authenticated user that could be used in future attacks against the system. IBM X-Force ID: 161271. | |||||
| CVE-2019-4383 | 1 Ibm | 1 Spectrum Protect Plus | 2020-08-24 | 3.6 LOW | 6.0 MEDIUM |
| When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle or MongoDB databases, a redirected restore operation may result in an escalation of user privileges. IBM X-Force ID: 162165. | |||||
| CVE-2019-4457 | 1 Ibm | 1 Jazz Foundation | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Jazz Foundation 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 163654. | |||||
| CVE-2019-4425 | 1 Ibm | 2 Business Automation Workflow, Business Process Manager | 2020-08-24 | 3.5 LOW | 5.7 MEDIUM |
| IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could allow a user to obtain highly sensitive information from another user by inserting links that would be clicked on by unsuspecting users. IBM X-Force ID: 162771. | |||||
| CVE-2019-4530 | 1 Ibm | 1 Maximo Asset Management | 2020-08-24 | 5.5 MEDIUM | 6.5 MEDIUM |
| IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow an authenticated user to delete a record that they should not normally be able to. IBM X-Force ID: 165586. | |||||
| CVE-2019-4537 | 1 Ibm | 1 Websphere Service Registry And Repository | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM WebSphere Service Registry and Repository 8.5 could allow a user to obtain sensitive version information that could be used in further attacks against the system. IBM X-Force ID: 165593. | |||||
| CVE-2019-4550 | 1 Ibm | 1 Security Directory Server | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Security Directory Server 6.4.0 is deployed with active debugging code that can create unintended entry points. IBM X-Force ID: 165952. | |||||
| CVE-2019-4556 | 1 Ibm | 1 Qradar Advisor With Watson | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM QRadar Advisor 1.0.0 through 2.4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 166205. | |||||
| CVE-2019-4600 | 1 Ibm | 1 Api Connect | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM API Connect version V5.0.0.0 through 5.0.8.7 could reveal sensitive information to an attacker using a specially crafted HTTP request. IBM X-Force ID: 167883. | |||||
| CVE-2019-4670 | 1 Ibm | 1 Websphere Application Server | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper data representation. IBM X-Force ID: 171319. | |||||
| CVE-2019-4672 | 1 Ibm | 1 Qradar Advisor | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 171438. | |||||
| CVE-2019-4679 | 1 Ibm | 1 Content Navigator | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Content Navigator 3.0CD could allow an authenticated user to gain information about the hosting operating system and version that could be used in further attacks against the system. IBM X-Force ID: 171515. | |||||
| CVE-2019-4703 | 1 Ibm | 1 Spectrum Protect Plus | 2020-08-24 | 2.9 LOW | 5.3 MEDIUM |
| IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft SQL or Microsoft Exchange, could allow an attacker with intimate knowledge of the system to obtain highly sensitive information. | |||||