Tivoli Storage Manager@6.1.1 Security Vulnerabilities and Issues — Tivoli Storage Manager@6.1.1 CVE List

Lucene search

IbmTivoli Storage Manager6.1.1

15 matches found

CVE•added 2017/10/05 5:29 p.m.•53 views

CVE-2017-1339

IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption for the password. A database administrator may be able to decrypt the IBM Spectrum protect client or administrator password which can result in information disclosure or a denial of service. IBM X-Force I...

4.4CVSS4.6AI score0.00021EPSS

CVE•added 2017/10/05 5:29 p.m.•49 views

CVE-2016-8937

The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. An attacker could gain user or administrative access to the TSM server. IBM X-Force ID: 118750.

9.8CVSS9.1AI score0.00232EPSS

CVE•added 2010/12/29 6:0 p.m.•48 views

CVE-2010-4605

Unspecified vulnerability in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows local users to overwrite arbitrary files via unknown vectors.

6.6CVSS6.3AI score0.00161EPSS

CVE•added 2017/10/05 5:29 p.m.•46 views

CVE-2017-1301

IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM Spectrum Protect Backup-archive Client creates temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system...

5.5CVSS5.3AI score0.00103EPSS

CVE•added 2017/10/05 5:29 p.m.•46 views

CVE-2017-1378

IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. IBM X-Force ID: 126875.

7.8CVSS7.2AI score0.00036EPSS

CVE•added 2013/02/21 4:35 a.m.•45 views

CVE-2013-0471

The traditional scheduler in the client in IBM Tivoli Storage Manager (TSM) before 6.2.5.0, 6.3 before 6.3.1.0, and 6.4 before 6.4.0.1, when Prompted mode is enabled, allows remote attackers to cause a denial of service (scheduling outage) via unspecified vectors.

4.3CVSS6.6AI score0.00603EPSS

CVE•added 2013/10/04 10:44 a.m.•44 views

CVE-2013-2964

Buffer overflow in dsmtca in IBM Tivoli Storage Manager (TSM) through 5.5.4.0, 6.1.0 through 6.1.5.4, 6.2.0 through 6.2.4.7, and 6.3.0 through 6.3.0.17 on UNIX and Linux allows local users to gain privileges via unspecified vectors.

7.2CVSS6.8AI score0.00053EPSS

CVE•added 2017/06/07 5:29 p.m.•43 views

CVE-2016-8939

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) clients/agents store password information in the Windows Registry in a manner which can be compromised. IBM X-Force ID: 118790.

5.5CVSS5.2AI score0.00074EPSS

CVE•added 2011/07/17 8:55 p.m.•42 views

CVE-2011-1223

Buffer overflow in the Alternate Data Stream (aka ADS or named stream) functionality in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows allows local users to gain privileges via unspecified vectors...

7.2CVSS6.8AI score0.00051EPSS

CVE•added 2013/02/21 4:35 a.m.•41 views

CVE-2013-0472

The Web GUI in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.1.0 and 6.4 before 6.4.0.1 allows man-in-the-middle attackers to obtain unspecified client access, and consequently obtain unspecified server access, via unknown vectors.

5.1CVSS6.3AI score0.00396EPSS

CVE•added 2014/11/18 11:59 p.m.•40 views

CVE-2014-4817

The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a previously used filename.

2.1CVSS6.7AI score0.00112EPSS

CVE•added 2011/07/17 8:55 p.m.•38 views

CVE-2011-1222

Buffer overflow in the Journal Based Backup (JBB) feature in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows and AIX allows local users to gain privileges via unspecified vectors.

7.2CVSS6.8AI score0.00051EPSS

CVE•added 2016/07/03 9:59 p.m.•37 views

CVE-2016-2894

IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging previous use of a symlink during archive and ret...

2.5CVSS3.4AI score0.00055EPSS

CVE•added 2015/02/13 2:59 a.m.•36 views

CVE-2014-4813

Race condition in the client in IBM Tivoli Storage Manager (TSM) 5.4.0.0 through 5.4.3.6, 5.5.0.0 through 5.5.4.3, 6.1.0.0 through 6.1.5.6, 6.2 before 6.2.5.4, 6.3 before 6.3.2.3, 6.4 before 6.4.2.1, and 7.1 before 7.1.1 on UNIX and Linux allows local users to obtain root privileges via unspecified...

6.9CVSS6.1AI score0.00038EPSS

CVE•added 2017/03/07 5:59 p.m.•36 views

CVE-2016-8940

IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for access or use by administrators. The access of these p...

8.8CVSS8.6AI score0.00318EPSS