Man-in-the-Middle Vulnerability in IBM Tivoli Storage Manager on AIX and Windows
CVE-2009-1522

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Storage Manager Client
Vendor: CVE Published:; 5 May 2009

What is CVE-2009-1522?

The IBM Tivoli Storage Manager client versions 5.5.0.0 through 5.5.1.17 on AIX and Windows are vulnerable to man-in-the-middle attacks when using SSL. This critical flaw enables remote attackers to intercept data and access arbitrary files through unspecified vectors, potentially exposing sensitive information.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21384389

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2009/1235

vdb-entryx_refsource_VUPEN

http://osvdb.org/54235

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 5, 2009
Vulnerability Reserved
May 5, 2009