Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveIbmCVE-2016-0371
HistoryFeb 01, 2017 - 9:59 p.m.

CVE-2016-0371

2017-02-0121:59:00
ibm
web.nvd.nist.gov
30
tivoli storage manager
tsm
cve-2016-0371
plain text
application trace
security vulnerability
nvd

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

0

Percentile

12.6%

JSON

The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled.

Affected configurations

Nvd
Vulners
Node
ibmtivoli_storage_managerRange7.1.0.07.1.6.2
AND
applemac_os_xMatch-
OR
hphp-uxMatch-
OR
ibmaixMatch-
OR
linuxlinux_kernelMatch-
OR
microsoftwindowsMatch-
OR
oraclesolarisMatch-
Node
ibmtivoli_storage_managerRange6.4.0.06.4.3.3
AND
applemac_os_xMatch-
OR
hphp-uxMatch-
OR
ibmaixMatch-
OR
linuxlinux_kernelMatch-
OR
microsoftwindowsMatch-
OR
oraclesolarisMatch-
Node
ibmtivoli_storage_managerRange5.56.3.2.5
AND
applemac_os_xMatch-
OR
hphp-uxMatch-
OR
ibmaixMatch-
OR
linuxlinux_kernelMatch-
OR
microsoftwindowsMatch-
OR
oraclesolarisMatch-
VendorProductVersionCPE
ibmtivoli_storage_manager*cpe:2.3:a:ibm:tivoli_storage_manager:*:*:*:*:*:*:*:*
applemac_os_x-cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
hphp-ux-cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*
ibmaix-cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
oraclesolaris-cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Tivoli Storage Manager",
    "vendor": "IBM Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "5.3.5.3"
      },
      {
        "status": "affected",
        "version": "5.4.1.2"
      },
      {
        "status": "affected",
        "version": "4.2"
      },
      {
        "status": "affected",
        "version": "4.2.1"
      },
      {
        "status": "affected",
        "version": "5.1.8"
      },
      {
        "status": "affected",
        "version": "5.2.5.1"
      },
      {
        "status": "affected",
        "version": "5.2.7"
      },
      {
        "status": "affected",
        "version": "5.2.8"
      },
      {
        "status": "affected",
        "version": "5.2.9"
      },
      {
        "status": "affected",
        "version": "5.3.0"
      },
      {
        "status": "affected",
        "version": "5.3.1"
      },
      {
        "status": "affected",
        "version": "5.3.2"
      },
      {
        "status": "affected",
        "version": "5.3.3"
      },
      {
        "status": "affected",
        "version": "5.4.4.0"
      },
      {
        "status": "affected",
        "version": "5.4.2.4"
      },
      {
        "status": "affected",
        "version": "5.4.2.3"
      },
      {
        "status": "affected",
        "version": "5.4.2.2"
      },
      {
        "status": "affected",
        "version": "5.3.6.9"
      },
      {
        "status": "affected",
        "version": "5.3.6.2"
      },
      {
        "status": "affected",
        "version": "5.3.6.1"
      },
      {
        "status": "affected",
        "version": "5.3.4"
      },
      {
        "status": "affected",
        "version": "5.2.5.3"
      },
      {
        "status": "affected",
        "version": "5.2.5.2"
      },
      {
        "status": "affected",
        "version": "5.2.4"
      },
      {
        "status": "affected",
        "version": "5.3.5.1"
      },
      {
        "status": "affected",
        "version": "5.3.2.4"
      },
      {
        "status": "affected",
        "version": "6.0"
      },
      {
        "status": "affected",
        "version": "5.1.0"
      },
      {
        "status": "affected",
        "version": "5.1.1"
      },
      {
        "status": "affected",
        "version": "5.1.10"
      },
      {
        "status": "affected",
        "version": "5.1.5"
      },
      {
        "status": "affected",
        "version": "5.1.6"
      },
      {
        "status": "affected",
        "version": "5.1.7"
      },
      {
        "status": "affected",
        "version": "5.1.9"
      },
      {
        "status": "affected",
        "version": "5.2.0"
      },
      {
        "status": "affected",
        "version": "5.2.1"
      },
      {
        "status": "affected",
        "version": "4.2.2"
      },
      {
        "status": "affected",
        "version": "4.2.3"
      },
      {
        "status": "affected",
        "version": "4.2.4"
      },
      {
        "status": "affected",
        "version": "5.2.2"
      },
      {
        "status": "affected",
        "version": "5.3"
      },
      {
        "status": "affected",
        "version": "5.2 Client"
      },
      {
        "status": "affected",
        "version": "5.4 Client"
      },
      {
        "status": "affected",
        "version": "5.5.7"
      },
      {
        "status": "affected",
        "version": "5.2.3.4 Client"
      },
      {
        "status": "affected",
        "version": "5.5.1.0"
      },
      {
        "status": "affected",
        "version": "5.5.1.6"
      },
      {
        "status": "affected",
        "version": "5.4"
      },
      {
        "status": "affected",
        "version": "5.5"
      },
      {
        "status": "affected",
        "version": "6.1"
      },
      {
        "status": "affected",
        "version": "6.2"
      },
      {
        "status": "affected",
        "version": "6.3"
      },
      {
        "status": "affected",
        "version": "6.4"
      },
      {
        "status": "affected",
        "version": "7.1"
      }
    ]
  }
]

Related

openvas 3
nvd 1
ibm 3
prion 1
cvelist 1
openvas
openvas
IBM TSM Client 'Password' Information Disclosure Vulnerability - Mac OS X
2017-06-02 00:00:00
IBM TSM Client 'Password' Information Disclosure Vulnerability - Windows
2017-06-02 00:00:00
IBM TSM Client 'Password' Information Disclosure Vulnerability - Linux
2017-06-02 00:00:00
nvd
nvd
CVE-2016-0371
2017-02-01 21:59:00
ibm
ibm
Security Bulletin: Password Disclosure via application tracing in IBM Tivoli Storage Manager Client (CVE-2016-0371)
2018-06-17 15:24:35
Security Bulletin: A security vulnerability has been identified in IBM Tivoli Storage Manager that affects multiple IBM Tivoli Storage products (CVE-2016-0371)
2018-06-17 15:30:32
Security Bulletin: Password Disclosure via application tracing in IBM Tivoli Storage Manager for Space Management (CVE-2016-0371)
2018-06-17 15:28:40
prion
prion
Design/Logic Flaw
2017-02-01 21:59:00
cvelist
cvelist
CVE-2016-0371
2017-02-01 21:00:00

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

0

Percentile

12.6%

JSON
Related for CVE-2016-0371
openvas3nvd1ibm3prion1cvelist1