The (1) Data Protection for Exchange component 6.1 prior to 6.1.3.4 and 6.3 prior to 6.3.1 in IBM Tivoli Storage Manager for Mail and the (2) FlashCopy Manager for Exchange component 2.2 and 3.1 prior to 3.1.1 in IBM Tivoli Storage FlashCopy Manager do not properly constrain mailbox contents during certain PST restore operations, which allows remote authenticated users to read the personal e-mail of other users in opportunistic circumstances by launching an e-mail client after an administrator performs a multiple-mailbox restore.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm flashcopy manager 2.2 |
||
ibm flashcopy manager 3.1 |
||
ibm data protection 6.3 |
||
ibm tivoli storage flashcopy manager - |
||
ibm flashcopy manager 2.1 |
||
ibm tivoli storage manager for mail - |
||
ibm data protection 6.1 |