Filtered by vendor Ibm
Subscriptions
Filtered by product Tivoli Storage Manager
Subscriptions
Total
50 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-1301 | 1 Ibm | 1 Tivoli Storage Manager | 2024-09-17 | N/A |
IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM Spectrum Protect Backup-archive Client creates temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. IBM X-Force ID: 125163. | ||||
CVE-2017-1378 | 1 Ibm | 1 Tivoli Storage Manager | 2024-09-17 | N/A |
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. IBM X-Force ID: 126875. | ||||
CVE-2009-1178 | 1 Ibm | 1 Tivoli Storage Manager | 2024-09-17 | N/A |
Unspecified vulnerability in the server in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.2 and 6.x before 6.1 has unknown impact and attack vectors related to the "admin command line." | ||||
CVE-2018-1786 | 3 Ibm, Linux, Microsoft | 8 Spectrum Protect, Spectrum Protect For Virtual Environments Data Protection For Hyper-v, Spectrum Protect Manager For Virtual Environments Data Protection For Vmware and 5 more | 2024-09-17 | N/A |
IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871. | ||||
CVE-2018-1550 | 1 Ibm | 3 Tivoli Storage Manager, Tivoli Storage Manager For Space Management, Tivoli Storage Manager For Virtual Environments | 2024-09-16 | N/A |
IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users. IBM X-Force ID: 142696. | ||||
CVE-2011-1222 | 2 Ibm, Microsoft | 3 Aix, Tivoli Storage Manager, Windows | 2024-09-16 | N/A |
Buffer overflow in the Journal Based Backup (JBB) feature in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows and AIX allows local users to gain privileges via unspecified vectors. | ||||
CVE-2011-1223 | 2 Ibm, Microsoft | 2 Tivoli Storage Manager, Windows | 2024-09-16 | N/A |
Buffer overflow in the Alternate Data Stream (aka ADS or named stream) functionality in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows allows local users to gain privileges via unspecified vectors. | ||||
CVE-2010-4606 | 2 Ibm, Linux | 2 Tivoli Storage Manager, Linux Kernel | 2024-09-16 | N/A |
Unspecified vulnerability in the Space Management client in the Hierarchical Storage Management (HSM) component in IBM Tivoli Storage Manager (TSM) 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows remote attackers to execute arbitrary commands via unknown vectors, related to a "script execution vulnerability." | ||||
CVE-2017-1339 | 1 Ibm | 1 Tivoli Storage Manager | 2024-09-16 | N/A |
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption for the password. A database administrator may be able to decrypt the IBM Spectrum protect client or administrator password which can result in information disclosure or a denial of service. IBM X-Force ID: 126247. | ||||
CVE-2016-8937 | 1 Ibm | 1 Tivoli Storage Manager | 2024-09-16 | N/A |
The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. An attacker could gain user or administrative access to the TSM server. IBM X-Force ID: 118750. | ||||
CVE-2010-4605 | 2 Ibm, Linux | 2 Tivoli Storage Manager, Linux Kernel | 2024-09-16 | N/A |
Unspecified vulnerability in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows local users to overwrite arbitrary files via unknown vectors. | ||||
CVE-2002-0541 | 1 Ibm | 1 Tivoli Storage Manager | 2024-08-08 | N/A |
Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581. | ||||
CVE-2003-1570 | 1 Ibm | 1 Tivoli Storage Manager | 2024-08-08 | N/A |
The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does not require credentials to observe the server console in some circumstances, which allows remote authenticated administrators to monitor server operations by establishing a console mode session, related to "session exposure." | ||||
CVE-2003-1361 | 2 Ibm, Veritas | 2 Tivoli Storage Manager, Bare Metal Restore | 2024-08-08 | N/A |
Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli Storage Manager (TSM) 3.1.0 through 3.2.1 allows remote attackers to gain root privileges on the BMR Main Server. | ||||
CVE-2004-2762 | 1 Ibm | 2 Mvs, Tivoli Storage Manager | 2024-08-08 | N/A |
The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1. | ||||
CVE-2006-6309 | 1 Ibm | 1 Tivoli Storage Manager | 2024-08-07 | N/A |
Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855. | ||||
CVE-2006-5855 | 1 Ibm | 1 Tivoli Storage Manager | 2024-08-07 | N/A |
Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message. | ||||
CVE-2008-4563 | 2 Ibm, Microsoft | 3 Tivoli Storage Manager, Tivoli Storage Manager Express, Windows | 2024-08-07 | N/A |
Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value. | ||||
CVE-2009-3855 | 1 Ibm | 1 Tivoli Storage Manager | 2024-08-07 | N/A |
Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors. | ||||
CVE-2009-3854 | 1 Ibm | 1 Tivoli Storage Manager | 2024-08-07 | N/A |
Buffer overflow in the traditional client scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7 and 5.4 before 5.4.2 allows remote attackers to execute arbitrary code via unspecified vectors. |