4.3
CVE-2016-6044
- EPSS 0.13%
- Published 01.02.2017 20:59:01
- Last modified 20.04.2025 01:37:25
- Source psirt@us.ibm.com
- Teams watchlist Login
- Open Login
IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy.
Data is provided by the National Vulnerability Database (NVD)
Ibm ≫ Tivoli Storage Manager Version6.4.1
Ibm ≫ Tivoli Storage Manager Version6.4.1.1
Ibm ≫ Tivoli Storage Manager Version6.4.2
Ibm ≫ Tivoli Storage Manager Version6.4.2.1
Ibm ≫ Tivoli Storage Manager Version6.4.2.2
Ibm ≫ Tivoli Storage Manager Version6.4.2.3
Ibm ≫ Tivoli Storage Manager Version6.4.2.4
Ibm ≫ Tivoli Storage Manager Version7.1
Ibm ≫ Tivoli Storage Manager Version7.1.0.1
Ibm ≫ Tivoli Storage Manager Version7.1.0.2
Ibm ≫ Tivoli Storage Manager Version7.1.1.1
Ibm ≫ Tivoli Storage Manager Version7.1.1.2
Ibm ≫ Tivoli Storage Manager Version7.1.3
Ibm ≫ Tivoli Storage Manager Version7.1.3.1
Ibm ≫ Tivoli Storage Manager Version7.1.3.2
Ibm ≫ Tivoli Storage Manager Version7.1.4
Ibm ≫ Tivoli Storage Manager Version7.1.4.1
Ibm ≫ Tivoli Storage Manager Version7.1.4.2
Ibm ≫ Tivoli Storage Manager Version7.1.7
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.285 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:P/A:N
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.