IBM Spectrum Control
By the Year
In 2024 there have been 0 vulnerabilities in IBM Spectrum Control . Spectrum Control did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 4 | 6.78 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Spectrum Control vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Spectrum Control Security Vulnerabilities
IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 is vulnerable to cross-site scripting
CVE-2019-4137
6.1 - Medium
- May 29, 2019
IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158333.
XSS
IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 could
CVE-2019-4138
5.9 - Medium
- May 29, 2019
IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. X-Force ID: 158334.
Insufficiently Protected Credentials
IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) could
CVE-2019-4071
8.8 - High
- May 09, 2019
IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 157063.
CSV Injection
IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17)
CVE-2019-4072
6.3 - Medium
- May 09, 2019
IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) allows users to remain idle within the application even when a user has logged out. Utilizing the application back button users can remain logged in as the current user for a short period of time, therefore users are presented with information for Spectrum Control Application. IBM X-Force ID: 157064.
Insufficient Session Expiration
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Tivoli Storage Productivity Center or by IBM? Click the Watch button to subscribe.
