CPE Details
IBM Tivoli Storage Manager 6.4.2.3
6.4.2.3
2017-02-13
17h08 +00:00
17h08 +00:00
2017-02-13
17h08 +00:00
17h08 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.3:*:*:*:*:*:*:*
Informations
Vendor
ibmProduct
tivoli_storage_managerVersion
6.4.2.3Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user. | 6.5 |
Medium |
||
| The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled. | 5.5 |
Medium |
||
| The IBM Tivoli Storage Manager (IBM Spectrum Protect) AIX client is vulnerable to a buffer overflow when Journal-Based Backup is enabled. A local attacker could overflow a buffer and execute arbitrary code on the system or cause a system crash. | 7.8 |
High |
||
| Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced. | 7 |
High |
||
| IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy. | 4.3 |
Medium |
||
| IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
High |
||
| IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | 5.4 |
Medium |
2025©
tesweb SA
