Ibm

Tivoli Storage Manager

49 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2020-28198

Exploit
  • EPSS 0.1%
  • Veröffentlicht 06.05.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 05:22:27

The 'id' parameter of IBM Tivoli Storage Manager Version 5 Release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow. Note: the vulnerability can be exploited when it is used in "interactive"...

7.5

CVE-2018-1786

  • EPSS 0.38%
  • Veröffentlicht 12.11.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:22

IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871.

5.5

CVE-2018-1550

  • EPSS 0.04%
  • Veröffentlicht 26.09.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:00

IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users. IBM X-Force ID: 142696.

7.8

CVE-2017-1378

  • EPSS 0.04%
  • Veröffentlicht 05.10.2017 17:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. IBM X-Force ID: 126875.

4.4

CVE-2017-1339

  • EPSS 0.02%
  • Veröffentlicht 05.10.2017 17:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption for the password. A database administrator may be able to decrypt the IBM Spectrum protect client or administrator password which can result in information...

5.5

CVE-2017-1301

  • EPSS 0.1%
  • Veröffentlicht 05.10.2017 17:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM Spectrum Protect Backup-archive Client creates temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link fro...

9.8

CVE-2016-8937

  • EPSS 0.23%
  • Veröffentlicht 05.10.2017 17:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. An attacker could gain user or administrative access...

5.5

CVE-2016-8939

  • EPSS 0.07%
  • Veröffentlicht 07.06.2017 17:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) clients/agents store password information in the Windows Registry in a manner which can be compromised. IBM X-Force ID: 118790.

5.5

CVE-2016-8916

  • EPSS 0.05%
  • Veröffentlicht 05.05.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued. IBM X-Force ID: 118472.

8.8

CVE-2016-8940

  • EPSS 0.34%
  • Veröffentlicht 07.03.2017 17:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for acces...