Lucene search
HistoryFeb 01, 2017 - 9:59 p.m.
CVE-2016-0371
tivoli storage manager
tsm
cve-2016-0371
plain text
application trace
security vulnerability
nvd
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.4 Medium
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
12.6%
The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled.
Affected configurations
Node
ibm_corporationtivoli_storage_managerMatch5.3.5.3
ORibm_corporationtivoli_storage_managerMatch5.4.1.2
ORibm_corporationtivoli_storage_managerMatch4.2
ORibm_corporationtivoli_storage_managerMatch4.2.1
ORibm_corporationtivoli_storage_managerMatch5.1.8
ORibm_corporationtivoli_storage_managerMatch5.2.5.1
ORibm_corporationtivoli_storage_managerMatch5.2.7
ORibm_corporationtivoli_storage_managerMatch5.2.8
ORibm_corporationtivoli_storage_managerMatch5.2.9
ORibm_corporationtivoli_storage_managerMatch5.3.0
ORibm_corporationtivoli_storage_managerMatch5.3.1
ORibm_corporationtivoli_storage_managerMatch5.3.2
ORibm_corporationtivoli_storage_managerMatch5.3.3
ORibm_corporationtivoli_storage_managerMatch5.4.4.0
ORibm_corporationtivoli_storage_managerMatch5.4.2.4
ORibm_corporationtivoli_storage_managerMatch5.4.2.3
ORibm_corporationtivoli_storage_managerMatch5.4.2.2
ORibm_corporationtivoli_storage_managerMatch5.3.6.9
ORibm_corporationtivoli_storage_managerMatch5.3.6.2
ORibm_corporationtivoli_storage_managerMatch5.3.6.1
ORibm_corporationtivoli_storage_managerMatch5.3.4
ORibm_corporationtivoli_storage_managerMatch5.2.5.3
ORibm_corporationtivoli_storage_managerMatch5.2.5.2
ORibm_corporationtivoli_storage_managerMatch5.2.4
ORibm_corporationtivoli_storage_managerMatch5.3.5.1
ORibm_corporationtivoli_storage_managerMatch5.3.2.4
ORibm_corporationtivoli_storage_managerMatch6.0
ORibm_corporationtivoli_storage_managerMatch5.1.0
ORibm_corporationtivoli_storage_managerMatch5.1.1
ORibm_corporationtivoli_storage_managerMatch5.1.10
ORibm_corporationtivoli_storage_managerMatch5.1.5
ORibm_corporationtivoli_storage_managerMatch5.1.6
ORibm_corporationtivoli_storage_managerMatch5.1.7
ORibm_corporationtivoli_storage_managerMatch5.1.9
ORibm_corporationtivoli_storage_managerMatch5.2.0
ORibm_corporationtivoli_storage_managerMatch5.2.1
ORibm_corporationtivoli_storage_managerMatch4.2.2
ORibm_corporationtivoli_storage_managerMatch4.2.3
ORibm_corporationtivoli_storage_managerMatch4.2.4
ORibm_corporationtivoli_storage_managerMatch5.2.2
ORibm_corporationtivoli_storage_managerMatch5.3
ORibm_corporationtivoli_storage_managerMatch5.2
ORibm_corporationtivoli_storage_managerMatch5.4
ORibm_corporationtivoli_storage_managerMatch5.5.7
ORibm_corporationtivoli_storage_managerMatch5.2.3.4
ORibm_corporationtivoli_storage_managerMatch5.5.1.0
ORibm_corporationtivoli_storage_managerMatch5.5.1.6
ORibm_corporationtivoli_storage_managerMatch5.4
ORibm_corporationtivoli_storage_managerMatch5.5
ORibm_corporationtivoli_storage_managerMatch6.1
ORibm_corporationtivoli_storage_managerMatch6.2
ORibm_corporationtivoli_storage_managerMatch6.3
ORibm_corporationtivoli_storage_managerMatch6.4
ORibm_corporationtivoli_storage_managerMatch7.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm:tivoli_storage_manager | ibm tivoli storage manager | le | 7.1.6.2 |
CNA Affected
[
{
"product": "Tivoli Storage Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "5.3.5.3"
},
{
"status": "affected",
"version": "5.4.1.2"
},
{
"status": "affected",
"version": "4.2"
},
{
"status": "affected",
"version": "4.2.1"
},
{
"status": "affected",
"version": "5.1.8"
},
{
"status": "affected",
"version": "5.2.5.1"
},
{
"status": "affected",
"version": "5.2.7"
},
{
"status": "affected",
"version": "5.2.8"
},
{
"status": "affected",
"version": "5.2.9"
},
{
"status": "affected",
"version": "5.3.0"
},
{
"status": "affected",
"version": "5.3.1"
},
{
"status": "affected",
"version": "5.3.2"
},
{
"status": "affected",
"version": "5.3.3"
},
{
"status": "affected",
"version": "5.4.4.0"
},
{
"status": "affected",
"version": "5.4.2.4"
},
{
"status": "affected",
"version": "5.4.2.3"
},
{
"status": "affected",
"version": "5.4.2.2"
},
{
"status": "affected",
"version": "5.3.6.9"
},
{
"status": "affected",
"version": "5.3.6.2"
},
{
"status": "affected",
"version": "5.3.6.1"
},
{
"status": "affected",
"version": "5.3.4"
},
{
"status": "affected",
"version": "5.2.5.3"
},
{
"status": "affected",
"version": "5.2.5.2"
},
{
"status": "affected",
"version": "5.2.4"
},
{
"status": "affected",
"version": "5.3.5.1"
},
{
"status": "affected",
"version": "5.3.2.4"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "5.1.0"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1.10"
},
{
"status": "affected",
"version": "5.1.5"
},
{
"status": "affected",
"version": "5.1.6"
},
{
"status": "affected",
"version": "5.1.7"
},
{
"status": "affected",
"version": "5.1.9"
},
{
"status": "affected",
"version": "5.2.0"
},
{
"status": "affected",
"version": "5.2.1"
},
{
"status": "affected",
"version": "4.2.2"
},
{
"status": "affected",
"version": "4.2.3"
},
{
"status": "affected",
"version": "4.2.4"
},
{
"status": "affected",
"version": "5.2.2"
},
{
"status": "affected",
"version": "5.3"
},
{
"status": "affected",
"version": "5.2 Client"
},
{
"status": "affected",
"version": "5.4 Client"
},
{
"status": "affected",
"version": "5.5.7"
},
{
"status": "affected",
"version": "5.2.3.4 Client"
},
{
"status": "affected",
"version": "5.5.1.0"
},
{
"status": "affected",
"version": "5.5.1.6"
},
{
"status": "affected",
"version": "5.4"
},
{
"status": "affected",
"version": "5.5"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
}
]
}
]Related
openvas
openvas
IBM TSM Client 'Password' Information Disclosure Vulnerability - Mac OS X
2017-06-02 00:00:00
IBM TSM Client 'Password' Information Disclosure Vulnerability - Windows
2017-06-02 00:00:00
IBM TSM Client 'Password' Information Disclosure Vulnerability - Linux
2017-06-02 00:00:00
nvd
nvd
CVE-2016-0371
2017-02-01 21:59:00
ibm
ibm
Security Bulletin: Password Disclosure via application tracing in IBM Tivoli Storage Manager Client (CVE-2016-0371)
2018-06-17 15:24:35
prion
prion
Design/Logic Flaw
2017-02-01 21:59:00
cvelist
cvelist
CVE-2016-0371
2017-02-01 21:00:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.4 Medium
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
12.6%
Related for CVE-2016-0371