Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ibm tivoli storage manager 6.3.1 vulnerabilities and exploits

(subscribe to this query)
2.1
CVSSv2
CVE-2013-5371
The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations.
Ibm Tivoli Storage Manager 6.3.1Ibm Tivoli Storage Manager 6.4.0
2.1
CVSSv2
CVE-2017-1378
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. IBM X-Force ID: 126875.
Ibm Tivoli Storage Manager 8.1.0.2Ibm Tivoli Storage Manager 7.1.6.5Ibm Tivoli Storage Manager 6.1Ibm Tivoli Storage Manager 6.1.0Ibm Tivoli Storage Manager 6.1.1Ibm Tivoli Storage Manager 6.3.0.5Ibm Tivoli Storage Manager 6.3.0.15Ibm Tivoli Storage Manager 6.3.0.17Ibm Tivoli Storage Manager 6.3.1Ibm Tivoli Storage Manager 6.4.2.200Ibm Tivoli Storage Manager 6.4.2.500Ibm Tivoli Storage Manager 6.4.2.600Ibm Tivoli Storage Manager 6.4.3Ibm Tivoli Storage Manager 6.4.3.1Ibm Tivoli Storage Manager 7.1.3.000Ibm Tivoli Storage Manager 7.1.3.1Ibm Tivoli Storage Manager 7.1.3.2Ibm Tivoli Storage Manager 7.1.3.100Ibm Tivoli Storage Manager 6.1.5.4Ibm Tivoli Storage Manager 6.1.5.5Ibm Tivoli Storage Manager 6.1.5.6Ibm Tivoli Storage Manager 6.2.0
3.6
CVSSv2
CVE-2017-1301
IBM Spectrum Protect 7.1 and 8.1 could allow a local malicious user to launch a symlink attack. IBM Spectrum Protect Backup-archive Client creates temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to va...
Ibm Tivoli Storage Manager 6.1.0Ibm Tivoli Storage Manager 6.1.1Ibm Tivoli Storage Manager 6.1.2Ibm Tivoli Storage Manager 6.1.3Ibm Tivoli Storage Manager 6.1.4Ibm Tivoli Storage Manager 6.3.0.17Ibm Tivoli Storage Manager 6.3.1Ibm Tivoli Storage Manager 6.3.1.2Ibm Tivoli Storage Manager 6.3.2.2Ibm Tivoli Storage Manager 6.4.3Ibm Tivoli Storage Manager 6.4.3.1Ibm Tivoli Storage Manager 7.1Ibm Tivoli Storage Manager 7.1..5.100Ibm Tivoli Storage Manager 7.1.3.100Ibm Tivoli Storage Manager 7.1.4Ibm Tivoli Storage Manager 7.1.4.1Ibm Tivoli Storage Manager 7.1.4.2Ibm Tivoli Storage Manager 7.1.6.6Ibm Tivoli Storage Manager 6.1.5Ibm Tivoli Storage Manager 6.1.5.5Ibm Tivoli Storage Manager 6.3Ibm Tivoli Storage Manager 6.3.0.15
4
CVSSv2
CVE-2016-8940
IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for access or use by administrators. Th...
Ibm Tivoli Storage Manager 7.1Ibm Tivoli Storage Manager 7.1.0.1Ibm Tivoli Storage Manager 7.1.1.200Ibm Tivoli Storage Manager 7.1.3Ibm Tivoli Storage Manager 7.1.4Ibm Tivoli Storage Manager 7.1.4.2Ibm Tivoli Storage Manager 6.3.0.5Ibm Tivoli Storage Manager 6.3.1.2Ibm Tivoli Storage Manager 6.1.4Ibm Tivoli Storage Manager 6.1.5.4Ibm Tivoli Storage Manager 6.2.2Ibm Tivoli Storage Manager 6.2.3Ibm Tivoli Storage Manager 7.1.0.3Ibm Tivoli Storage Manager 7.1.1Ibm Tivoli Storage Manager 7.1.1.1Ibm Tivoli Storage Manager 7.1.1.100Ibm Tivoli Storage Manager 7.1.5.200Ibm Tivoli Storage Manager 7.1.7Ibm Tivoli Storage Manager 6.3Ibm Tivoli Storage Manager 6.3.0.15Ibm Tivoli Storage Manager 6.1.5.5Ibm Tivoli Storage Manager 6.1.5.6
2.1
CVSSv2
CVE-2016-2894
IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 up to and including 6.3 prior to 6.3.2.6, 6.4 prior to 6.4.3.3, and 7.1 prior to 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging previous us...
Ibm Tivoli Storage Manager 6.3.0.17Ibm Tivoli Storage Manager 6.3.0.15Ibm Tivoli Storage Manager 6.2.1Ibm Tivoli Storage Manager 6.2.0Ibm Tivoli Storage Manager 6.1.2Ibm Tivoli Storage Manager 6.1.1Ibm Tivoli Storage Manager 5.5.3Ibm Tivoli Storage Manager 5.5.2Ibm Tivoli Storage Manager 6.3.1Ibm Tivoli Storage Manager 6.3.0.5Ibm Tivoli Storage Manager 6.2.3Ibm Tivoli Storage Manager 6.2.2Ibm Tivoli Storage Manager 6.1.5Ibm Tivoli Storage Manager 6.1.4Ibm Tivoli Storage Manager 6.1.3Ibm Tivoli Storage Manager 5.5.4.1Ibm Tivoli Storage Manager 5.5.4Ibm Tivoli Storage Manager 6.3.0Ibm Tivoli Storage Manager 6.3Ibm Tivoli Storage Manager 6.2Ibm Tivoli Storage Manager 6.1.5.6Ibm Tivoli Storage Manager 6.1.0
5
CVSSv2
CVE-2016-8937
The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. An attacker could gain user or administrative access to the TSM server. IBM X-Forc...
Ibm Tivoli Storage Manager 6.1.2Ibm Tivoli Storage Manager 6.1.3Ibm Tivoli Storage Manager 6.1.4Ibm Tivoli Storage Manager 6.1.5Ibm Tivoli Storage Manager 6.3.1Ibm Tivoli Storage Manager 6.3.1.2Ibm Tivoli Storage Manager 6.3.2.2Ibm Tivoli Storage Manager 6.3.3Ibm Tivoli Storage Manager 6.4.3.1Ibm Tivoli Storage Manager 7.1Ibm Tivoli Storage Manager 7.1..5.100Ibm Tivoli Storage Manager 7.1.0.1Ibm Tivoli Storage Manager 7.1.4Ibm Tivoli Storage Manager 7.1.4.1Ibm Tivoli Storage Manager 7.1.4.2Ibm Tivoli Storage Manager 7.1.5Ibm Tivoli Storage Manager 6.1.0Ibm Tivoli Storage Manager 6.1.5.5Ibm Tivoli Storage Manager 6.2.0Ibm Tivoli Storage Manager 6.3Ibm Tivoli Storage Manager 6.3.0.15Ibm Tivoli Storage Manager 6.3.5
2.1
CVSSv2
CVE-2016-8939
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) clients/agents store password information in the Windows Registry in a manner which can be compromised. IBM X-Force ID: 118790.
Ibm Tivoli Storage Manager 8.1.1Ibm Tivoli Storage Manager 6.4.1Ibm Tivoli Storage Manager 6.4.2Ibm Tivoli Storage Manager 6.1.0Ibm Tivoli Storage Manager 6.1.1Ibm Tivoli Storage Manager 6.1.5.6Ibm Tivoli Storage Manager 6.2.0Ibm Tivoli Storage Manager 6.3.0.15Ibm Tivoli Storage Manager 6.3.0.17Ibm Tivoli Storage Manager 6.3.6Ibm Tivoli Storage Manager 7.1Ibm Tivoli Storage Manager 7.1.1.2Ibm Tivoli Storage Manager 7.1.1.100Ibm Tivoli Storage Manager 7.1.3.100Ibm Tivoli Storage Manager 7.1.4Ibm Tivoli Storage Manager 7.1.4.1Ibm Tivoli Storage Manager 7.1.7.100Ibm Tivoli Storage Manager 7.1.7.200Ibm Tivoli Storage Manager 6.4.2.500Ibm Tivoli Storage Manager 6.4.2.600Ibm Tivoli Storage Manager 6.4.3Ibm Tivoli Storage Manager 6.1.4
2.1
CVSSv2
CVE-2017-1339
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption for the password. A database administrator may be able to decrypt the IBM Spectrum protect client or administrator password which can result in information disclosure or a denial of ser...
Ibm Tivoli Storage Manager 6.1.4Ibm Tivoli Storage Manager 6.1.5.4Ibm Tivoli Storage Manager 6.2.4Ibm Tivoli Storage Manager 6.3.0.5Ibm Tivoli Storage Manager 6.3.2.2Ibm Tivoli Storage Manager 6.3.4Ibm Tivoli Storage Manager 6.4.2Ibm Tivoli Storage Manager 6.4.2.200Ibm Tivoli Storage Manager 7.1.0.1Ibm Tivoli Storage Manager 7.1.0.3Ibm Tivoli Storage Manager 7.1.1.200Ibm Tivoli Storage Manager 7.1.3Ibm Tivoli Storage Manager 7.1.4.2Ibm Tivoli Storage Manager 7.1.5.200Ibm Tivoli Storage Manager 8.1.1.100Ibm Tivoli Storage Manager 6.1Ibm Tivoli Storage Manager 6.1.0Ibm Tivoli Storage Manager 6.1.1Ibm Tivoli Storage Manager 6.1.2Ibm Tivoli Storage Manager 6.3.0.15Ibm Tivoli Storage Manager 6.3.0.17Ibm Tivoli Storage Manager 6.3.1
2.1
CVSSv2
CVE-2014-4817
The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x prior to 6.3.5.10 and 7.x prior to 7.1.1.100 allows remote malicious users to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a pre...
Ibm Tivoli Storage Manager 5.1.0Ibm Tivoli Storage Manager 5.1.9Ibm Tivoli Storage Manager 5.2Ibm Tivoli Storage Manager 5.2.0Ibm Tivoli Storage Manager 5.2.7Ibm Tivoli Storage Manager 5.2.8Ibm Tivoli Storage Manager 5.3.3Ibm Tivoli Storage Manager 5.3.4Ibm Tivoli Storage Manager 5.4Ibm Tivoli Storage Manager 5.4.0Ibm Tivoli Storage Manager 5.4.3.2Ibm Tivoli Storage Manager 5.4.3.3Ibm Tivoli Storage Manager 5.5.4.1Ibm Tivoli Storage Manager 6.0Ibm Tivoli Storage Manager 5.1.1Ibm Tivoli Storage Manager 5.1.10Ibm Tivoli Storage Manager 5.2.1Ibm Tivoli Storage Manager 5.2.2Ibm Tivoli Storage Manager 5.2.9Ibm Tivoli Storage Manager 5.3Ibm Tivoli Storage Manager 5.3.5.1Ibm Tivoli Storage Manager 5.3.6.1
10
CVSSv2
CVE-2015-7425
The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 prior to 6.3.2.5, 6.4 prior to 6.4.3.1, and 7.1 prior to 7.1.4 and Tivoli Storage FlashCo...
Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 6.4.1Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 6.3.2Ibm Tivoli Storage Flashcopy Manager For Vmware 6.4.3Ibm Tivoli Storage Flashcopy Manager For Vmware 6.4.2Ibm Tivoli Storage Flashcopy Manager For Vmware 6.3Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 6.3.1Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 4.1.3Ibm Tivoli Storage Flashcopy Manager For Vmware 3.2Ibm Tivoli Storage Flashcopy Manager For Vmware 3.1.1Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 4.1.2Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 7.1.1Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 7.1.0Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 4.1.0Ibm Tivoli Storage Flashcopy Manager For Vmware 6.4Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 7.1.3Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 7.1.2Ibm Tivoli Storage Flashcopy Manager For Vmware 3.1Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 4.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook