Filtered by vendor Ibm
Subscriptions
Filtered by product Tivoli Storage Manager
Subscriptions
Total
50 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-6043 | 1 Ibm | 1 Tivoli Storage Manager | 2017-02-09 | N/A |
Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced. | ||||
CVE-2016-6045 | 1 Ibm | 1 Tivoli Storage Manager | 2017-02-09 | N/A |
IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | ||||
CVE-2016-6046 | 1 Ibm | 1 Tivoli Storage Manager | 2017-02-09 | N/A |
IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
CVE-2015-4951 | 1 Ibm | 1 Tivoli Storage Manager | 2016-12-07 | N/A |
Client Acceptor Daemon (CAD) in the client in IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 and 6.x before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted Web client URL. | ||||
CVE-2015-4927 | 1 Ibm | 1 Tivoli Storage Manager | 2016-12-07 | N/A |
The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 6.3 before 6.3.6 and 7.1 before 7.1.3 on Linux and AIX uses world-writable permissions for unspecified files, which allows local users to gain privileges by writing to a file. | ||||
CVE-2015-7408 | 1 Ibm | 1 Tivoli Storage Manager | 2016-03-10 | N/A |
The server in IBM Spectrum Protect (aka Tivoli Storage Manager) 5.5 and 6.x before 6.3.5.1 and 7.x before 7.1.4 does not properly restrict use of the ASNODENAME option, which allows remote attackers to read or write to backup data by leveraging proxy authority. | ||||
CVE-2014-4818 | 1 Ibm | 1 Tivoli Storage Manager | 2015-11-30 | N/A |
dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4.x, 5.5.x, 6.x before 6.4.3, and 7.1.x before 7.1.2 allows local users to discover the backup/restore encryption-key password via unspecified vectors. | ||||
CVE-2009-3855 | 1 Ibm | 1 Tivoli Storage Manager | 2009-11-18 | N/A |
Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors. | ||||
CVE-2009-3854 | 1 Ibm | 1 Tivoli Storage Manager | 2009-11-18 | N/A |
Buffer overflow in the traditional client scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7 and 5.4 before 5.4.2 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
CVE-2002-0541 | 1 Ibm | 1 Tivoli Storage Manager | 2008-09-05 | N/A |
Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581. |