Authentication flaw

2017-10-0517:29:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.0%

JSON

The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. An attacker could gain user or administrative access to the TSM server. IBM X-Force ID: 118750.

CPENameOperatorVersion
tivoli_storage_managereq7.1.7.100
tivoli_storage_managereq6.3.6.100
tivoli_storage_managereq6.4.2
tivoli_storage_managereq7.1.0.1
tivoli_storage_managereq7.1.7.200
tivoli_storage_managereq7.1.5
tivoli_storage_managereq6.4.2.100
tivoli_storage_managereq6.3
tivoli_storage_managereq6.1
tivoli_storage_managereq7.1.7

Name	Operator	Version
tivoli_storage_manager	eq	7.1.7.100
tivoli_storage_manager	eq	6.3.6.100
tivoli_storage_manager	eq	6.4.2
tivoli_storage_manager	eq	7.1.0.1
tivoli_storage_manager	eq	7.1.7.200
tivoli_storage_manager	eq	7.1.5
tivoli_storage_manager	eq	6.4.2.100
tivoli_storage_manager	eq	6.3
tivoli_storage_manager	eq	6.1
tivoli_storage_manager	eq	7.1.7