CVE-2020-7201

A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders. The vulnerability could be remotely exploited to allow Cross-site Request Forgery CSRF...

Security Bulletin: TS4500 Tape Library/Diamondback Tape Library addresses security vulnerability CVE-2025-36239

Summary The Web UI page that prompts a user to change their expired password was vulnerable to cross-site scripting XSS, because a URL parameter was used directly in HTML output without sanitization. An authenticated user with access to this page could inject arbitrary JavaScript. The impact was...

EUVD-2016-9830

Malware in sbrugna...

EUVD-2012-5650

Malware in sbrugna...

EUVD-2012-1854

Malware in sbrugna...

Security Bulletin: TS4500 Tape Library/Diamondback Tape Library addresses security vulnerability CVE-2024-43192

Summary Certain HTML forms in the web GUI did not use anti-CSRF tokens, allowing attackers to trick authenticated users into performing unintended actions. The issue has been resolved by adding CSRF protection to the affected forms. Vulnerability Details CVEID:CVE-2024-43192 DESCRIPTION: IBM...

Security Bulletin: TS4500 Tape Library/Diamondback Tape Library addresses security vulnerability CVE-2021-23450

Summary The tape library web GUI used an outdated version of the JavaScript library dojo.js containing a prototype pollution vulnerability. This could potentially be leveraged to facilitate XSS attacks in the browser, or, if executed server-side, to enable remote code execution. The issue has bee...

Security Bulletin: IBM TS2900 Tape Library update for security vulnerabilities in OpenSSL (CVE-2013-0169)

Abstract Download an update to the TS2900 Tape Library, which contains a newer version of OpenSSL that fixes certain security vulnerabilities that were present in older versions of OpenSSL. Content VULNERABILITY DETAILS: DESCRIPTION: A security vulnerability was found in OpenSSL version 1.0.1c...

Security Bulletin: Unauthenticated User Could Gain Remote Access to TS3100/TS3200 (CVE-2016-9005)

Summary IBM TS3100/TS3200 Tape Library could allow an unauthenticated user, with access to the company network, to change a user's password and gain remote access to the system. Vulnerability Details CVEID:CVE-2016-9005 DESCRIPTION: IBM TS3100-TS3200 Tape Library could allow an unauthenticated...

Security Bulletin: Vulnerability in SSLv3 affects TS3100/TS3200 (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in TS3100/TS3200. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : Product could allow a remote attacker to obtain sensitive information...

Security Bulletin: IBM TS3500 Tape Library Update for Security Vulnerability in Web User Interface (CVE-2012-5767)

Abstract Download an update to the TS3500 Tape Library which contains a fix for a security vulnerability that could allow unauthorized access to restricted actions. Content DESCRIPTION: An authorized user of the TS3500 web user interface could exploit a vulnerability that would give that user a...

Security Bulletin: IBM TS3310 Tape Library update for security vulnerabilities in OpenSSL (CVE-2013-0169)

Abstract Download an update to the TS3310 Tape Library, which contains a newer version of OpenSSL that fixes certain security vulnerabilities that were present in older versions of OpenSSL. Content VULNERABILITY DETAILS: DESCRIPTION: A security vulnerability was found in OpenSSL version 1.0.1c...

Security Bulletin: TS3310 Tape Library contains pre-configured default accounts (CVE-2012-1844)

Abstract Security Vulnerability in the TS3310 Tape Library. The tape library ships with certain pre-configured default accounts that have fixed passwords. A remote unauthorized user with knowledge of these accounts/passwords could use them to gain unauthorized access to the tape library. Content...

Security Bulletin: IBM TS2900 Tape Library update for security vulnerabilities in OpenSSL (CVE-2012-2333)

Abstract Download an update to the TS2900 Tape Library, which contains a newer version of OpenSSL that fixes certain security vulnerabilities that were present in older versions of OpenSSL. Content DESCRIPTION: OpenSSL versions prior to 1.0.0 do not follow best security practices and need to be...

Security Bulletin: IBM TS3400 Tape Library update for security vulnerabilities in OpenSSL (CVE-2012-2333)

Abstract Download an update to the TS3400 Tape Library, which contains a newer version of OpenSSL that fixes certain security vulnerabilities that were present in older versions of OpenSSL. Content DESCRIPTION: OpenSSL versions prior to 1.0.0 do not follow best security practices and need to be...

Security Bulletin: IBM TS3400 Tape Library update for security vulnerabilities in OpenSSL (CVE-2013-0169)

Abstract Download an update to the TS3400 Tape Library, which contains a newer version of OpenSSL that fixes certain security vulnerabilities that were present in older versions of OpenSSL. Content VULNERABILITY DETAILS: DESCRIPTION: A security vulnerability was found in OpenSSL version 1.0.1c...

Security Bulletin: IBM TS3310 Tape Library update for security vulnerabilities in OpenSSL (CVE-2012-2333)

Abstract Download update to TS3310 Tape Library, which contains a newer version of OpenSSL that fixes certain security vulnerabilities that were present in older versions of OpenSSL. Content CVE ID: CVE-2012-2333 DESCRIPTION: OpenSSL versions prior to 1.0.0 do not follow best security practices a...

CVE-2020-7201

A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders. The vulnerability could be remotely exploited to allow Cross-site Request Forgery CSRF...

CVE-2020-7201

A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders. The vulnerability could be remotely exploited to allow Cross-site Request Forgery CSRF...

Cross site request forgery (csrf)

A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders. The vulnerability could be remotely exploited to allow Cross-site Request Forgery CSRF...