Cross-Site Request Forgery Vulnerability in IBM Tivoli Storage Manager for Virtual Environments
CVE-2016-6033

8.8HIGH

Key Information:

Vendor: IBM
Status: Tivoli Storage Manager For Virtual Environments
Vendor: CVE Published:; 15 February 2017

What is CVE-2016-6033?

IBM Tivoli Storage Manager for Virtual Environments 7.1 is susceptible to a cross-site request forgery vulnerability that could allow attackers to initiate unauthorized actions by leveraging the trust of a legitimate user. This type of vulnerability can lead to serious security risks, enabling malicious activities without the user's consent. For detailed insights and mitigation strategies, refer to IBM's official documentation.

Affected Version(s)

Tivoli Storage Manager for Virtual Environments 6.3

Tivoli Storage Manager for Virtual Environments 6.4

Tivoli Storage Manager for Virtual Environments 7.1

References

http://www.securityfocus.com/bid/95102

vdb-entryx_refsource_BID

http://www.ibm.com/support/docview.wss?uid=swg21995545

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 15, 2017
Vulnerability Reserved
Jun 29, 2016