CVE-2016-6044

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Tivoli Storage Manager Extended Edition
Vendor: CVE Published:; 1 February 2017

Summary

IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy.

Affected Version(s)

Tivoli Storage Manager Extended Edition 6.4

Tivoli Storage Manager Extended Edition 7.1

Tivoli Storage Manager Extended Edition 7.1.1

References

http://www.securityfocus.com/bid/95091

vdb-entryx_refsource_BID

http://www.ibm.com/support/docview.wss?uid=swg21995754

x_refsource_CONFIRM

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 1, 2017
Vulnerability Reserved
Jun 29, 2016