Skip to main content

Tivoli Storage Flashcopy Manager For Vmware

2 CVEs product

Monthly

CVE-2016-6033 HIGH PATCH This Week

IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

VMware CSRF IBM Tivoli Storage Manager For Virtual Environments Data Protection For Vmware Tivoli Storage Flashcopy Manager For Vmware
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2015-7425 CRITICAL Act Now

The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Privilege Escalation VMware Tivoli Storage Flashcopy Manager For Vmware Tivoli Storage Manager For Virtual Environments Data Protection For Vmware
NVD
CVSS 3.0
10.0
EPSS
9.9%
EPSS 0% CVSS 8.8
HIGH PATCH This Week

IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

VMware CSRF IBM +2
NVD
EPSS 10% CVSS 10.0
CRITICAL Act Now

The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Privilege Escalation VMware +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy