CVSS2: 4.6 Medium (AV:N/AC:H/Au:S/C:P/I:P/A:P)

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | HIGH |
Authentication | SINGLE |
Confidentiality Impact | PARTIAL |
Integrity Impact | PARTIAL |
Availability Impact | PARTIAL |

CVSS3: 8.5 High (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | HIGH |
Privileges Required | LOW |
User Interaction | NONE |
Scope | CHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
Availability Impact | HIGH |

EPSS: 0.001 Low (Percentile: 50.9%)

The version of IBM Tivoli Storage Manager (TSM) for Virtual Environments installed on the remote host is 6.4.x prior to 6.4.3.4 or 7.1.x prior to 7.1.6.0. It is, therefore, affected by an unspecified flaw in the GUI that allows an authenticated, remote attacker in limited cases to exercise certain commands that require administrative credentials without having these credentials.

```
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(93127);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/10/25");

  script_cve_id("CVE-2016-2988");

  script_name(english:"IBM TSM for Virtual Environments 6.4.x < 6.4.3.4 / 7.1.x < 7.1.6.0 RCE");
  script_summary(english:"Checks the version of TSM for Virtual Environments.");

  script_set_attribute(attribute:"synopsis", value:
"A backup application installed on the remote host is affected by a
remote command execution vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of IBM Tivoli Storage Manager (TSM) for Virtual
Environments installed on the remote host is 6.4.x prior to 6.4.3.4 or
7.1.x prior to 7.1.6.0. It is, therefore, affected by an unspecified
flaw in the GUI that allows an authenticated, remote attacker in
limited cases to exercise certain commands that require administrative
credentials without having these credentials.");
  script_set_attribute(attribute:"see_also", value:"https://www-01.ibm.com/support/docview.wss?uid=swg21988781");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Tivoli Storage Manager for Virtual Environments version
6.4.3.4 / 7.1.6.0 or later.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-2988");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/08/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/08/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/08/26");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:tivoli_storage_manager_for_virtual_environments");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:spectrum_protect_for_virtual_environments");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tivoli_storage_manager_virtual_environments_installed.nbin", "tivoli_storage_manager_virtual_environments_installed_linux.nbin");
  script_require_keys("installed_sw/Tivoli Storage Manager for Virtual Environments");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("install_func.inc");

app = 'Tivoli Storage Manager for Virtual Environments';

# Read the install recorded by the detection plugins; exit if the version is unknown.
install = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);
version = install["version"];
path = install["path"];
hypervisor = install["Hypervisor"];

app += " for " + hypervisor;

# Only installs for the VMware hypervisor are flagged.
if (hypervisor != "VMware")
  audit(AUDIT_INST_VER_NOT_VULN, app, version);

# Select the fixed release for the installed branch; other branches are not flagged.
if (version =~ "^6\.4\.")
  fix = "6.4.3.4";
else if (version =~ "^7\.1\.")
  fix = "7.1.6.0";
else
  audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);

# Installed version at or above the fix: not vulnerable.
if (ver_compare(ver:version, fix:fix, strict:FALSE) >= 0)
  audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);

# Report on the SMB transport port, defaulting to 445.
port = get_kb_item("SMB/transport");
if (!port) port = 445;

report =
  '\n Hypervisor : ' + hypervisor +
  '\n Path : ' + path +
  '\n Installed version : ' + version +
  '\n Fixed version : ' + fix + '\n';

security_report_v4(port:port, extra:report, severity:SECURITY_WARNING);
```


Vendor | Product | Version | CPE |
---|---|---|---|
ibm | tivoli_storage_manager_for_virtual_environments | | cpe:/a:ibm:tivoli_storage_manager_for_virtual_environments |
ibm | spectrum_protect_for_virtual_environments | | cpe:/a:ibm:spectrum_protect_for_virtual_environments |
ibm | tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware | | cpe:/a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware |