CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2016-6045
https://notcve.org/view.php?id=CVE-2016-6045
01 Feb 2017 — IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Tivoli Storage Manager Operations Center es vulnerable a la falsificación de solicitudes de sitios cruzados que podrían permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario que confía en el sitio web. • http://www.ibm.com/support/docview.wss?uid=swg21995754 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 19EXPL: 0CVE-2016-6046
https://notcve.org/view.php?id=CVE-2016-6046
01 Feb 2017 — IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Tivoli Storage Manager Operations Center es vulnerable a las secuencias de comandos de sitios cruzados. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la IU Web alterando así la funcionalidad prev... • http://www.ibm.com/support/docview.wss?uid=swg21995754 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-2988
https://notcve.org/view.php?id=CVE-2016-2988
25 Nov 2016 — IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.4.x before 6.4.3.4 and 7.1.x before 7.1.6 allows remote authenticated users to bypass a TSM credential requirement and obtain administrative access by leveraging multiple simultaneous logins. IBM Tivoli Storage Manger para Virtual Environments: Data Protection para VMware (también conocido como Spectrum Protect para Virtual Environments) 6.4.x en versiones anteriores a 6.4.3.4 y 7... • http://www-01.ibm.com/support/docview.wss?uid=swg21988781 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2016-5927
https://notcve.org/view.php?id=CVE-2016-5927
12 Sep 2016 — IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output. IBM Tivoli Storage Manager para Space Management (también conocido como Spectrum Protect para Space Management) 6.3.x en versiones anteriores a 6.3.2.6, 6.4.x en versiones anteriores a 6.4.3.3, y 7.1.x en versiones an... • http://www-01.ibm.com/support/docview.wss?uid=swg1IT15203 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3059
https://notcve.org/view.php?id=CVE-2016-3059
08 Aug 2016 — IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka IBM Spectrum Protect for Databases) 6.3 before 6.3.1.7 and 6.4 before 6.4.1.9 and Tivoli Storage FlashCopy Manager for Microsoft SQL Server (aka IBM Spectrum Protect Snapshot) 3.1 before 3.1.1.7 and 3.2 before 3.2.1.9 allow local users to discover a cleartext SQL Server password by reading the Task List in the MMC GUI. IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (también conocido co... • http://www-01.ibm.com/support/docview.wss?uid=swg21987333 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.5EPSS: 0%CPEs: 66EXPL: 0CVE-2016-2894
https://notcve.org/view.php?id=CVE-2016-2894
03 Jul 2016 — IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging previous use of a symlink during archive and retrieve actions. IBM Spectrum Protect (anteriormente Tivoli Storage Manager) 5.5 hasta la versión 6.3 en versiones anteriores a 6.3.2.6, 6.4 en versiones anteriores a 6.4.3.3 y 7.1 en versiones anteriores a 7.1.6 pe... • http://www-01.ibm.com/support/docview.wss?uid=swg1IT13686 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 8%CPEs: 35EXPL: 0CVE-2015-8519
https://notcve.org/view.php?id=CVE-2015-8519
04 Apr 2016 — Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8520, CVE-2015-8521, and CVE-2015-8522. Desbordamiento de buffer en el servidor en IBM Tivoli Storage Manager FastBack 5.5.x y 6.x en versiones anteriores a 6.1.12.2 permite a atacantes remotos ejecutar código arbitrario a través de un comando manipulado, una vulnerabilidad diferente a CVE-2015-8520... • http://www-01.ibm.com/support/docview.wss?uid=swg21975536 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 35EXPL: 0CVE-2015-8520
https://notcve.org/view.php?id=CVE-2015-8520
04 Apr 2016 — Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8521, and CVE-2015-8522. Desbordamiento de buffer en el servidor en IBM Tivoli Storage Manager FastBack 5.5.x y 6.x en versiones anteriores a 6.1.12.2 permite a atacantes remotos ejecutar código arbitrario a través de un comando manipulado, una vulnerabilidad diferente a CVE-2015-8519... • http://www-01.ibm.com/support/docview.wss?uid=swg21975536 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 35EXPL: 0CVE-2015-8521
https://notcve.org/view.php?id=CVE-2015-8521
04 Apr 2016 — Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8520, and CVE-2015-8522. Desbordamiento de buffer en el servidor en IBM Tivoli Storage Manager FastBack 5.5.x y 6.x en versiones anteriores a 6.1.12.2 permite a atacantes remotos ejecutar código arbitrario a través de un comando manipulado, una vulnerabilidad diferente a CVE-2015-8519... • http://www-01.ibm.com/support/docview.wss?uid=swg21975536 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 35EXPL: 0CVE-2015-8522
https://notcve.org/view.php?id=CVE-2015-8522
04 Apr 2016 — Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8520, and CVE-2015-8521. Desbordamiento de buffer en el servidor en IBM Tivoli Storage Manager FastBack 5.5.x y 6.x en versiones anteriores a 6.1.12.2 permite a atacantes remotos ejecutar código arbitrario a través de un comando manipulado, una vulnerabilidad diferente a CVE-2015-8519... • http://www-01.ibm.com/support/docview.wss?uid=swg21975536 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •