Server Property Editing Vulnerability in IBM Tivoli Storage Productivity Center
CVE-2016-8942

3.1LOW

Key Information:

Vendor: IBM
Status: Spectrum Control Standard Select Edition
Vendor: CVE Published:; 1 February 2017

Summary

An authenticated user with specific knowledge of the IBM Tivoli Storage Productivity Center can exploit this vulnerability to modify a limited set of server properties. This poses potential security risks, as it allows alterations that an authorized user should not have the capacity to make, thus jeopardizing the integrity of the system's configuration.

Affected Version(s)

Spectrum Control Standard Select Edition 5.1

Spectrum Control Standard Select Edition 5.1.1

Spectrum Control Standard Select Edition 5.2

References

http://www.ibm.com/support/docview.wss?uid=swg21995128

x_refsource_CONFIRM

http://www.securityfocus.com/bid/94916

vdb-entryx_refsource_BID

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 1, 2017
Vulnerability Reserved
Oct 25, 2016