4.3
CVE-2016-6044
- EPSS 0.13%
- Veröffentlicht 01.02.2017 20:59:01
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Tivoli Storage Manager Version6.4.1
Ibm ≫ Tivoli Storage Manager Version6.4.1.1
Ibm ≫ Tivoli Storage Manager Version6.4.2
Ibm ≫ Tivoli Storage Manager Version6.4.2.1
Ibm ≫ Tivoli Storage Manager Version6.4.2.2
Ibm ≫ Tivoli Storage Manager Version6.4.2.3
Ibm ≫ Tivoli Storage Manager Version6.4.2.4
Ibm ≫ Tivoli Storage Manager Version7.1
Ibm ≫ Tivoli Storage Manager Version7.1.0.1
Ibm ≫ Tivoli Storage Manager Version7.1.0.2
Ibm ≫ Tivoli Storage Manager Version7.1.1.1
Ibm ≫ Tivoli Storage Manager Version7.1.1.2
Ibm ≫ Tivoli Storage Manager Version7.1.3
Ibm ≫ Tivoli Storage Manager Version7.1.3.1
Ibm ≫ Tivoli Storage Manager Version7.1.3.2
Ibm ≫ Tivoli Storage Manager Version7.1.4
Ibm ≫ Tivoli Storage Manager Version7.1.4.1
Ibm ≫ Tivoli Storage Manager Version7.1.4.2
Ibm ≫ Tivoli Storage Manager Version7.1.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.285 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:P/A:N
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.