Ibm: >> Tivoli Storage Manager >> 6.3.4.0 Security Vulnerabilities
IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user.
CVSS Score
6.5
EPSS Score
0.001
Published
2017-02-01
The IBM Tivoli Storage Manager (IBM Spectrum Protect) AIX client is vulnerable to a buffer overflow when Journal-Based Backup is enabled. A local attacker could overflow a buffer and execute arbitrary code on the system or cause a system crash.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-02-01
The server in IBM Spectrum Protect (aka Tivoli Storage Manager) 5.5 and 6.x before 6.3.5.1 and 7.x before 7.1.4 does not properly restrict use of the ASNODENAME option, which allows remote attackers to read or write to backup data by leveraging proxy authority.
CVSS Score
3.7
EPSS Score
0.002
Published
2016-02-15