3 results (0.004 seconds)

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

01 Feb 2017 — IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user. Tivoli Storage Manager de IBM, revela credenciales de inicio de sesión no cifradas en vCenter de Vmware que podrían ser obtenidas por un usuario local. • http://www.ibm.com/support/docview.wss?uid=swg21996198 • CWE-255: Credentials Management Errors •

CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0

04 Oct 2015 — Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.3 and Tivoli Storage FlashCopy Manager for VMware 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.3.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en IBM Tivoli Storage Manger para Virtual Environments: Data Protection for VMware 6.3 en versiones ant... • http://www-01.ibm.com/support/docview.wss?uid=swg21967532 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0

26 May 2014 — The Data Protection for VMware component in IBM Tivoli Storage Manager for Virtual Environments (TSMVE) 6.3 through 7.1.0.2 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (disk consumption) via unspecified GUI actions. El componente Data Protection For VMware en IBM Tivoli Storage Manager For Virtual Environments (TSMVE) 6.3 hasta 7.1.0.2 no comprueba debidamente autorización para operaciones de copia... • http://www-01.ibm.com/support/docview.wss?uid=swg21673051 • CWE-264: Permissions, Privileges, and Access Controls •