Tivoli Storage Manager Extended Edition Security Vulnerabilities

CVE-2016-6045

IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website...

CVE-2016-6043

Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being...

CVE-2016-6046

IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

CVE-2016-6044

IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security...