All the vulnerabilites related to ibm - tivoli_storage_manager_for_space_management
cve-2012-5954
Vulnerability from cvelistv5
Published
2012-12-21 11:00
Modified
2024-08-06 21:21
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows remote attackers to read or modify HSM-managed file system objects via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1027901 | vdb-entry, x_refsource_SECTRACK | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21615292 | x_refsource_CONFIRM | |
| http://www-01.ibm.com/support/docview.wss?uid=swg1IC86724 | vendor-advisory, x_refsource_AIXAPAR | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/80668 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:21:28.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1027901",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027901"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615292"
},
{
"name": "IC86724",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC86724"
},
{
"name": "tsm-dsmrootd-unauth-access(80668)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80668"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows remote attackers to read or modify HSM-managed file system objects via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1027901",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027901"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615292"
},
{
"name": "IC86724",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC86724"
},
{
"name": "tsm-dsmrootd-unauth-access(80668)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80668"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-5954",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows remote attackers to read or modify HSM-managed file system objects via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1027901",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027901"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615292",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615292"
},
{
"name": "IC86724",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC86724"
},
{
"name": "tsm-dsmrootd-unauth-access(80668)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80668"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2012-5954",
"datePublished": "2012-12-21T11:00:00",
"dateReserved": "2012-11-21T00:00:00",
"dateUpdated": "2024-08-06T21:21:28.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-4859
Vulnerability from cvelistv5
Published
2012-12-21 11:00
Modified
2024-08-06 20:50
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/79843 | vdb-entry, x_refsource_XF | |
| http://www-01.ibm.com/support/docview.wss?uid=swg1IC87006 | vendor-advisory, x_refsource_AIXAPAR | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21615292 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:50:17.408Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "tsm-user-privilege-escalation(79843)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79843"
},
{
"name": "IC87006",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC87006"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615292"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "tsm-user-privilege-escalation(79843)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79843"
},
{
"name": "IC87006",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC87006"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615292"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-4859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "tsm-user-privilege-escalation(79843)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79843"
},
{
"name": "IC87006",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC87006"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615292",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615292"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2012-4859",
"datePublished": "2012-12-21T11:00:00",
"dateReserved": "2012-09-06T00:00:00",
"dateUpdated": "2024-08-06T20:50:17.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5918
Vulnerability from cvelistv5
Published
2017-02-08 22:00
Modified
2024-08-06 01:15
Severity ?
EPSS score ?
Summary
IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ibm.com/support/docview.wss?uid=swg21988728 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/92534 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | IBM Corporation | Tivoli Storage Manager HSM for Windows |
Version: 5.3.2.0 Version: 5.3.5.0 Version: 5.4.0.0 Version: 5.4.2.5 Version: 5.5.0.0 Version: 5.5.1.4 Version: 6.3 Version: 6.4 Version: 7.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21988728"
},
{
"name": "92534",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92534"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tivoli Storage Manager HSM for Windows",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "5.3.2.0"
},
{
"status": "affected",
"version": "5.3.5.0"
},
{
"status": "affected",
"version": "5.4.0.0"
},
{
"status": "affected",
"version": "5.4.2.5"
},
{
"status": "affected",
"version": "5.5.0.0"
},
{
"status": "affected",
"version": "5.5.1.4"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
}
]
}
],
"datePublic": "2016-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21988728"
},
{
"name": "92534",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92534"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-5918",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tivoli Storage Manager HSM for Windows",
"version": {
"version_data": [
{
"version_value": "5.3.2.0"
},
{
"version_value": "5.3.5.0"
},
{
"version_value": "5.4.0.0"
},
{
"version_value": "5.4.2.5"
},
{
"version_value": "5.5.0.0"
},
{
"version_value": "5.5.1.4"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21988728",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21988728"
},
{
"name": "92534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92534"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-5918",
"datePublished": "2017-02-08T22:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:15:10.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5927
Vulnerability from cvelistv5
Published
2016-09-12 10:00
Modified
2024-08-06 01:15
Severity ?
EPSS score ?
Summary
IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/92723 | vdb-entry, x_refsource_BID | |
| http://www-01.ibm.com/support/docview.wss?uid=swg1IT15203 | vendor-advisory, x_refsource_AIXAPAR | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21989006 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "92723",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92723"
},
{
"name": "IT15203",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15203"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989006"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "92723",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92723"
},
{
"name": "IT15203",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15203"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989006"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-5927",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92723",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92723"
},
{
"name": "IT15203",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15203"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21989006",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989006"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-5927",
"datePublished": "2016-09-12T10:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:15:10.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1550
Vulnerability from cvelistv5
Published
2018-09-26 15:00
Modified
2024-09-16 22:50
Severity ?
EPSS score ?
Summary
IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users. IBM X-Force ID: 142696.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/142696 | vdb-entry, x_refsource_XF | |
| http://www.ibm.com/support/docview.wss?uid=ibm10719401 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | IBM | Spectrum Protect |
Version: 7.1 Version: 8.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:07:43.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-tivoli-cve20181550-dos(142696)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142696"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10719401"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Spectrum Protect",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "8.1"
}
]
}
],
"datePublic": "2018-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users. IBM X-Force ID: 142696."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 5.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/A:H/AC:L/AV:L/C:N/I:N/PR:N/S:U/UI:N/E:U/RC:C/RL:O",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-26T14:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-tivoli-cve20181550-dos(142696)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142696"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10719401"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-09-24T00:00:00",
"ID": "CVE-2018-1550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spectrum Protect",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "8.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users. IBM X-Force ID: 142696."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "H",
"AC": "L",
"AV": "L",
"C": "N",
"I": "N",
"PR": "N",
"S": "U",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-tivoli-cve20181550-dos(142696)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142696"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10719401",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10719401"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1550",
"datePublished": "2018-09-26T15:00:00Z",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-09-16T22:50:57.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2012-12-21 11:47
Modified
2024-11-21 01:45
Severity ?
Summary
Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows remote attackers to read or modify HSM-managed file system objects via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | tivoli_storage_manager_for_space_management | * | |
| ibm | tivoli_storage_manager_for_space_management | 5.5.0.0 | |
| ibm | tivoli_storage_manager_for_space_management | 6.1.0.0 | |
| ibm | tivoli_storage_manager_for_space_management | 6.2.0.0 | |
| ibm | tivoli_storage_manager_for_space_management | 6.3.0.0 | |
| ibm | tivoli_storage_manager_for_space_management | 6.3.0.17 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6579B128-68C1-4FF2-BA49-0F3BD95D1D01",
"versionEndIncluding": "6.2.4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:5.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8B6B1D-2C7B-458D-BA6F-E189AF243598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "714251E2-5745-4716-9BEE-00747F58767D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A9D50D0-1689-44AA-B295-08D1D4735C9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCC81AF6-42EB-49E7-B2B5-D2E6C789141F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8760FB7B-2669-4A8A-9581-85C63C3A7817",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows remote attackers to read or modify HSM-managed file system objects via unknown vectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en IBM Tivoli Storage Manager for Space Management (tambi\u00e9n conocido como TSM HSM) antes de v6.2.5.0 y v6.3.x antes de v6.3.1.0 permite a atacantes remotos leer o modificar objetos del sistema de ficheros gestionados por HSM a trav\u00e9s de vectores desconocidos.\r\n"
}
],
"id": "CVE-2012-5954",
"lastModified": "2024-11-21T01:45:35.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-21T11:47:36.877",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC86724"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615292"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id?1027901"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC86724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80668"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-26 15:29
Modified
2024-11-21 04:00
Severity ?
6.2 (Medium) - CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users. IBM X-Force ID: 142696.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=ibm10719401 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/142696 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=ibm10719401 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/142696 | VDB Entry, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7510B228-9418-4841-A389-903F299FC005",
"versionEndIncluding": "7.1.8.2",
"versionStartIncluding": "7.1.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47643E98-C42A-4BA1-841C-46F2DD2C10E4",
"versionEndIncluding": "8.1.4",
"versionStartIncluding": "8.1.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3591CA5B-D577-45FB-99D1-D009E8D56A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A76C5CA2-27EF-4A15-90AD-A4E7CF54D2B4",
"versionEndIncluding": "7.1.8.2",
"versionStartIncluding": "7.1.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A4DE7B2-1D22-48D4-9C60-CA2463DAF4FB",
"versionEndIncluding": "8.1.4.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CFC7506-645F-47ED-8658-C334AB96C8A2",
"versionEndIncluding": "7.1.8.2",
"versionStartIncluding": "7.1.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE8BA9D9-9AD0-4360-9308-5E3325A4AA0B",
"versionEndIncluding": "8.1.4.1",
"versionStartIncluding": "8.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users. IBM X-Force ID: 142696."
},
{
"lang": "es",
"value": "IBM Spectrum Protect 7.1 y 8.1 podr\u00eda permitir que un usuario local corrompa o elimine informaci\u00f3n altamente sensible que provocar\u00eda una denegaci\u00f3n de servicio (DoS) en otros usuarios. IBM X-Force ID: 142696."
}
],
"id": "CVE-2018-1550",
"lastModified": "2024-11-21T04:00:00.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6,
"source": "psirt@us.ibm.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-26T15:29:00.420",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10719401"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10719401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142696"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-12 10:59
Modified
2024-11-21 02:55
Severity ?
Summary
IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D1030A8-2770-49BF-93EC-8C2FB08C3FCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D08D7BF-6C7C-4C53-8D75-506EE7BFA0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED1C563-6B46-4F15-A3EE-9732A6E135CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58B2465F-1445-4CB2-8130-D97D4524A290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10C95B6A-2B34-4DF9-B4D8-E1DF2986BE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "321D004F-094E-4FBD-9D9D-850EED24A0E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "112C19AF-1BCC-4FBD-AC2D-A8399AF4DA12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0749732C-0F60-4D69-B933-4058C652E31E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BAA7180-6E41-4836-B03E-5DC0C55E0093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5A267E3D-9912-46E7-9E5C-2FFEB503CA76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "74755D0A-28C1-4071-8DD1-FA452F8128B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6000AC77-53A1-4249-89BD-83B7E8E82CC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output."
},
{
"lang": "es",
"value": "IBM Tivoli Storage Manager para Space Management (tambi\u00e9n conocido como Spectrum Protect para Space Management) 6.3.x en versiones anteriores a 6.3.2.6, 6.4.x en versiones anteriores a 6.4.3.3, y 7.1.x en versiones anteriores a 7.1.6, cuando est\u00e1 configurado cierto rastreo dsmsetpw, permite a usuarios locales descubrir una contrase\u00f1a cifrada leyendo el resultado del rastreo de aplicaci\u00f3n."
}
],
"id": "CVE-2016-5927",
"lastModified": "2024-11-21T02:55:13.830",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-12T10:59:02.647",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15203"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989006"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/92723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92723"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-12-21 11:47
Modified
2024-11-21 01:43
Severity ?
Summary
Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | tivoli_storage_manager_for_space_management | * | |
| ibm | tivoli_storage_manager_for_space_management | 6.1.0 | |
| ibm | tivoli_storage_manager_for_space_management | 6.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A149A541-ACAF-4D32-BA49-CEC5F2A3A77D",
"versionEndIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2DC71CA-97C2-46EF-8082-2056F4D3BB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D1030A8-2770-49BF-93EC-8C2FB08C3FCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown vectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en IBM Tivoli Storage Manager para la gesti\u00f3n de espacio (tambi\u00e9n conocido como TSM HSM) antes de v6.2.5.0 y v6.3.x antes de v6.3.1.0 permite a los usuarios locales leer o modificar los objetos del sistema de archivos a trav\u00e9s de vectores desconocidos.\r\n"
}
],
"id": "CVE-2012-4859",
"lastModified": "2024-11-21T01:43:37.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-21T11:47:36.783",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC87006"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615292"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC87006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79843"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-08 22:59
Modified
2024-11-21 02:55
Severity ?
Summary
IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21988728 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/92534 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21988728 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92534 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB2D5C3-AFDE-43AE-A5E1-AAE9753D57C8",
"versionEndIncluding": "7.1.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C001D0C-6696-4B41-A2A2-6F9214106C79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D128C737-3482-4539-9FC2-815DAC557FA9",
"versionEndIncluding": "6.4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58B2465F-1445-4CB2-8130-D97D4524A290",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4023F82-E1CC-4066-B65C-B6A06096D6CD",
"versionEndIncluding": "6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed."
},
{
"lang": "es",
"value": "IBM Tivoli Storage Manager HSM para Windows muestra la contrase\u00f1a cifrada Tivoli Storage Manager en la salida de rastreo de la aplicaci\u00f3n si la opci\u00f3n de acceso a la contrase\u00f1a es r\u00e1pida y se cambia la contrase\u00f1a."
}
],
"id": "CVE-2016-5918",
"lastModified": "2024-11-21T02:55:13.493",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-08T22:59:00.603",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21988728"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21988728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92534"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}