Vulnerability Details CVE-2016-5927
IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.0%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT15203
- http://www-01.ibm.com/support/docview.wss?uid=swg21989006
- http://www.securityfocus.com/bid/92723
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT15203
- http://www-01.ibm.com/support/docview.wss?uid=swg21989006
- http://www.securityfocus.com/bid/92723
Products affected by CVE-2016-5927
-
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.3.0
-
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.3.2
-
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.0
-
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.0.0
-
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.1
-
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.2
-
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.3
-
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.0
-
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.1
-
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.2
-
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.3
-
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.4