Skip to main content

Tivoli Storage Manager For Virtual Environments Data Protection For Vmware

5 CVEs product

Monthly

CVE-2018-1786 HIGH PATCH This Week

IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

IBM Denial Of Service Spectrum Protect Tivoli Storage Manager Spectrum Protect Manager For Virtual Environments Data Protection For Vmware +3
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2016-6033 HIGH PATCH This Week

IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

VMware CSRF IBM Tivoli Storage Manager For Virtual Environments Data Protection For Vmware Tivoli Storage Flashcopy Manager For Vmware
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-6110 MEDIUM PATCH This Month

IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

VMware IBM Authentication Bypass Tivoli Storage Manager Tivoli Storage Manager For Virtual Environments Data Protection For Vmware
NVD
CVSS 3.0
6.5
EPSS
0.0%
CVE-2016-6034 MEDIUM PATCH This Month

IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft IBM VMware Information Disclosure Tivoli Storage Manager For Virtual Environments Data Protection For Vmware
NVD
CVSS 3.0
6.8
EPSS
0.3%
CVE-2015-7425 CRITICAL Act Now

The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Privilege Escalation VMware Tivoli Storage Flashcopy Manager For Vmware Tivoli Storage Manager For Virtual Environments Data Protection For Vmware
NVD
CVSS 3.0
10.0
EPSS
9.9%
EPSS 2% CVSS 7.5
HIGH PATCH This Week

IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

IBM Denial Of Service Spectrum Protect +5
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

VMware CSRF IBM +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

VMware IBM Authentication Bypass +2
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft IBM VMware +2
NVD
EPSS 10% CVSS 10.0
CRITICAL Act Now

The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Privilege Escalation VMware +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy