The IBM Tivoli Storage Manger Client/API is used as a component of IBM Tivoli Storage FlashCopy Manager for Windows, IBM Tivoli Storage Manager HSM for Windows, IBM Tivoli Storage Manager for Databases, IBM Tivoli Storage Manager for Mail, and IBM Tivoli Storage Manager for Virtual Environments. Information about a security vulnerability affecting the IBM Tivoli Manager Client/API has been published in a security bulletin.
Consult the security bulletin Password Disclosure via application tracing in IBM Tivoli Storage Manager Client (CVE-2016-0371)for vulnerability details and information about the fixes
Principal Product and Version(s)
| Affected Supporting Product and Version
—|—
IBM Tivoli Storage FlashCopy Manager (IBM Spectrum Protect Snapshot) for Windows version 4.1| Tivoli Storage Manager Client/API version 7.1
IBM Tivoli Storage FlashCopy Manager for Windows version 3.2| Tivoli Storage Manager Client/API version 6.4
IBM Tivoli Storage FlashCopy Manager for Windows version 3.1| Tivoli Storage Manager Client/API version 6.3
Note: Within the Tivoli Storage FlashCopy Manager on Windows product, the Tivoli Storage Manager client is also referred to as the FlashCopy Manager VSS Requestor component.
Principal Product and Version(s) | Affected Supporting Product and Version |
---|---|
IBM Tivoli Storage Manager HSM for Windows (IBM Spectrum Protect HSM for Windows) version 7.1 | Tivoli Storage Manager Client/API version 7.1 |
IBM Tivoli Manager HSM for Windows version 6.4 | Tivoli Storage Manager Client/API version 6.4 |
IBM Tivoli Manager HSM for Windows version 6.3 and below | Release 6.3 (and below) are end of support and end of life cycle. Customers should upgrade to a fixed level (7.1 or 6.4) |
Note: Be aware that all HSM for Windows functional components, which includes the TSM client and API, must be at the same Fix Pack level. Within a given Fix Pack level, the interim fix level can differ. |
Principal Product and Version(s) | Affected Supporting Product and Version |
---|---|
IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (IBM Spectrum Protect for Databases) version 7.1 | Tivoli Storage Manager Client/API version 7.1 |
Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server version 6.4 | Tivoli Storage Manager Client/API version 6.4 |
Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server version 6.3 | Tivoli Storage Manager Client/API version 6.3 |
Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server version 5.5 | |
(End of Life Cycle 4/30/2017) | Tivoli Storage Manager Client/API version 5.5 |
Any newer fixed version of the Client/API can be used (e.g., 7.1, 6.4, or 6.3). |
Principal Product and Version(s) | Affected Supporting Product and Version |
---|---|
Tivoli Storage Manager for Databases: Data Protection for Oracle (IBM Spectrum Protect for Databases) version 7.1 | Tivoli Storage Manager Client/API version 7.1 |
Tivoli Storage Manager for Databases: Data Protection for Oracle version 6.4 | Tivoli Storage Manager Client/API version 6.4 |
Tivoli Storage Manager for Databases: Data Protection for Oracle version 6.3 | Tivoli Storage Manager Client/API version 6.3 |
Tivoli Storage Manager for Databases: Data Protection for Oracle version 5.5 | |
(End of Life Cycle 4/30/2017) | Tivoli Storage Manager Client/API version 5.5 |
Any newer fixed version of the Client/API can be used (e.g., 7.1, 6.4, or 6.3). |
Principal Product and Version(s) | Affected Supporting Product and Version |
---|---|
IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server (IBM Spectrum Protect for Mail) version 7.1 | Tivoli Storage Manager Client/API version 7.1 |
IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server version 6.4 | Tivoli Storage Manager Client/API version 6.4 |
IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server version 6.3 | Tivoli Storage Manager Client/API version 6.3 |
IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server version 5.5 | |
(End of life cycle 4/30/2017) | Tivoli Storage Manager Client/API version 5.5 |
Any newer fixed version of the Client/API can be used (e.g., 7.1, 6.4, or 6.3). |
Principal Product and Version(s) | Affected Supporting Product and Version |
---|---|
IBM Tivoli Storage Manager for Mail: Data Protection for Domino (IBM Spectrum Protect for Mail) on Windows version 7.1 | Tivoli Storage Manager Client/API version 7.1 |
IBM Tivoli Storage Manager for Mail: Data Protection for Domino on Windows version 6.4 | Tivoli Storage Manager Client/API version 6.4 |
IBM Tivoli Storage Manager for Mail: Data Protection for Domino on Windows version 6.3 | Tivoli Storage Manager Client/API version 6.3 |
IBM Tivoli Storage Manager for Mail: Data Protection for Domino on Windows version 5.5 | |
(End of life cycle 4/30/2017) | Tivoli Storage Manager Client/API version 5.5 |
Any newer fixed version of the Client/API can be used (e.g., 7.1, 6.4, or 6.3). |
Principal Product and Version(s) | Affected Supporting Product and Version |
---|---|
IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (IBM Spectrum Protect for Virtual Environments) version 7.1 | Tivoli Storage Manager Client/API version 7.1 |
IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware version 6.4 | Tivoli Storage Manager Client/API version 6.4 |
IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware version 6.3 | Tivoli Storage Manager Client/API version 6.3 |
Notes: Within the Tivoli Storage Manager for Virtual Environments: Data Protection for VMware product, the Tivoli Storage Manager client is also referred to as the data mover. Be aware that all Data Protection for VMware functional components, which includes the TSM client and API, must be at the same Fix Pack level. Within a given Fix Pack level, the interim fix level can differ. | |
. Principal Product and Version(s) | Affected Supporting Product and Version |
— | — |
IBM Tivoli Storage Manager for Virtual Environments: Data Protection for Microsoft Hyper-V (IBM Spectrum Protect for Virtual Environments) version 7.1 | Tivoli Storage Manager Client/API version 7.1 |
Notes: Within the Tivoli Storage Manager for Virtual Environments: Data Protection for Microsoft Hyper-V product, the Tivoli Storage Manager client is also referred to as the data mover. Be aware that all Data Protection for Hyper-V functional components, which includes the TSM client and API, must be at the same Fix Pack level. Within a given Fix Pack level, the interim fix level can differ |
Refer to the security bulletin Password Disclosure via application tracing in IBM Tivoli Storage Manager Client (CVE-2016-0371)
Refer to the security bulletin Password Disclosure via application tracing in IBM Tivoli Storage Manager Client (CVE-2016-0371)