5.5

CVE-2016-8939

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) clients/agents store password information in the Windows Registry in a manner which can be compromised. IBM X-Force ID: 118790.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmTivoli Storage Manager Version6.1
IbmTivoli Storage Manager Version6.1.0
IbmTivoli Storage Manager Version6.1.1
IbmTivoli Storage Manager Version6.1.2
IbmTivoli Storage Manager Version6.1.3
IbmTivoli Storage Manager Version6.1.4
IbmTivoli Storage Manager Version6.1.5
IbmTivoli Storage Manager Version6.1.5.4
IbmTivoli Storage Manager Version6.1.5.5
IbmTivoli Storage Manager Version6.1.5.6
IbmTivoli Storage Manager Version6.2.0
IbmTivoli Storage Manager Version6.2.1
IbmTivoli Storage Manager Version6.2.2
IbmTivoli Storage Manager Version6.2.3
IbmTivoli Storage Manager Version6.2.4
IbmTivoli Storage Manager Version6.3
IbmTivoli Storage Manager Version6.3.0.5
IbmTivoli Storage Manager Version6.3.0.15
IbmTivoli Storage Manager Version6.3.0.17
IbmTivoli Storage Manager Version6.3.1
IbmTivoli Storage Manager Version6.3.1.2
IbmTivoli Storage Manager Version6.3.2.2
IbmTivoli Storage Manager Version6.3.3
IbmTivoli Storage Manager Version6.3.4
IbmTivoli Storage Manager Version6.3.5
IbmTivoli Storage Manager Version6.3.5.1
IbmTivoli Storage Manager Version6.3.6
IbmTivoli Storage Manager Version6.3.6.100
IbmTivoli Storage Manager Version6.4.1
IbmTivoli Storage Manager Version6.4.1.0
IbmTivoli Storage Manager Version6.4.2
IbmTivoli Storage Manager Version6.4.2.100
IbmTivoli Storage Manager Version6.4.2.200
IbmTivoli Storage Manager Version6.4.2.500
IbmTivoli Storage Manager Version6.4.2.600
IbmTivoli Storage Manager Version6.4.3
IbmTivoli Storage Manager Version6.4.3.1
IbmTivoli Storage Manager Version7.1
IbmTivoli Storage Manager Version7.1..5.100
IbmTivoli Storage Manager Version7.1.0.1
IbmTivoli Storage Manager Version7.1.0.2
IbmTivoli Storage Manager Version7.1.0.3
IbmTivoli Storage Manager Version7.1.1
IbmTivoli Storage Manager Version7.1.1.1
IbmTivoli Storage Manager Version7.1.1.2
IbmTivoli Storage Manager Version7.1.1.100
IbmTivoli Storage Manager Version7.1.1.200
IbmTivoli Storage Manager Version7.1.1.300
IbmTivoli Storage Manager Version7.1.3
IbmTivoli Storage Manager Version7.1.3.000
IbmTivoli Storage Manager Version7.1.3.1
IbmTivoli Storage Manager Version7.1.3.2
IbmTivoli Storage Manager Version7.1.3.100
IbmTivoli Storage Manager Version7.1.4
IbmTivoli Storage Manager Version7.1.4.1
IbmTivoli Storage Manager Version7.1.4.2
IbmTivoli Storage Manager Version7.1.5
IbmTivoli Storage Manager Version7.1.5.200
IbmTivoli Storage Manager Version7.1.6
IbmTivoli Storage Manager Version7.1.7
IbmTivoli Storage Manager Version7.1.7.100
IbmTivoli Storage Manager Version7.1.7.200
IbmTivoli Storage Manager Version8.1.0
IbmTivoli Storage Manager Version8.1.1
IbmTivoli Storage Manager Version8.1.1.100
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.35% 0.267
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.ibm.com/support/docview.wss?uid=swg22003738
Vendor Advisory
http://www.securityfocus.com/bid/98783
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038607
https://exchange.xforce.ibmcloud.com/vulnerabilities/118790
Vendor Advisory
VDB Entry
https://improsec.com/blog/vulnerability-in-tsm