{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-02-07T00:00:00", "descriptions": [{"lang": "en", "value": "The Web GUI in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.1.0 and 6.4 before 6.4.0.1 allows man-in-the-middle attackers to obtain unspecified client access, and consequently obtain unspecified server access, via unknown vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"name": "IC87210", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC87210"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21624118"}, {"name": "tsm-gui-unauth-access(81216)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81216"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2013-0472", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Web GUI in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.1.0 and 6.4 before 6.4.0.1 allows man-in-the-middle attackers to obtain unspecified client access, and consequently obtain unspecified server access, via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "IC87210", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC87210"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21624118", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21624118"}, {"name": "tsm-gui-unauth-access(81216)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81216"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:25:10.335Z"}, "title": "CVE Program Container", "references": [{"name": "IC87210", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC87210"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21624118"}, {"name": "tsm-gui-unauth-access(81216)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81216"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2013-0472", "datePublished": "2013-02-21T02:00:00", "dateReserved": "2012-12-16T00:00:00", "dateUpdated": "2024-08-06T14:25:10.335Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B03B94E-62C9-457F-BC95-5F97EADAEE8A", "versionEndIncluding": "6.2.4.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "6642D8F1-3F9B-4613-A343-B3D4E9849CD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "06E6F6FA-77B8-4FFD-B7B2-6206651BBEAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "74E4A983-9053-405D-BA3D-BAE8B47A1EB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "AB1B6BE3-9554-41DF-A994-82CEAF88BA90", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "6454A8C4-407C-455F-8922-D7D703C52245", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "40C35632-F7D5-494A-BE62-2DB121ED6234", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "62532061-2092-481A-B699-4EA1500F80D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "CC7FD0D2-E106-4152-AF87-0E8BEE44DDCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "41A50035-DA7C-4F8F-B36A-3C5194098F4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "FA6521E9-3106-49F6-84DF-66FFE47BDAC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "C0A6731C-74A9-4FA9-8F2B-66D5F623151B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "2E1464DB-B192-4459-9C6D-34E8213CDC5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "0EDD381D-FEA0-476C-9389-D777D2E344E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "79B76B2B-D92E-4000-8779-87C01BE55E4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "4E8452AD-9871-4BDC-8302-EB6CD86A0C9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "EA28A2C9-21A0-48E2-88DD-C2336D990523", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "256AFD08-1918-46D6-9A7A-AE50ACDE9347", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "AAA451EA-3F6E-4063-99E2-0D1D6950CC11", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF4E3EAE-A032-4A42-91C9-5D1E1CC048B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "58353CBA-C09A-4F19-BDE4-D0243AEF3213", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "9C5E07B8-DB3C-4A99-801C-84C3814BAA9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C7C40A61-30E2-4FD4-A29B-715981201F1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "B2585495-DB97-429F-87AC-4C4E92DE305D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "5A665E28-2D3D-40DE-AF28-D549F3A37A82", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "31370480-2B9D-44D4-A448-4B441CF59194", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "0973283F-AD45-4927-88E2-559069C1B0F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "801CCEC1-8DED-41C4-B6D2-38E4BEC74EA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A263333E-DB86-41BE-A508-731079429E62", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "4E5F0611-DD8F-42A2-AFD7-1BCBD38BAB4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "25121FC4-9EE2-44AE-BEB3-02C3AB38DB61", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "93FCB242-C35B-4CDB-AE62-3CA5D312586B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "70016926-5776-4A04-8D55-5CA12D1DA9B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "930B5AE2-CA47-47D7-96DE-F2B9F70337C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3FAA5227-C1F5-48C1-A207-096F228E305E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "74B38E6A-86AA-4C35-AF3F-7F77DF647235", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "271A29AC-0890-495D-8DF7-2530CEAF6C2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "43BE5332-C982-440A-A7AA-03B83415B444", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "74E095D6-D6C9-4E21-9CBA-508D043C4286", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "EFD434E9-6D0E-4FDB-A39A-D9FAC7E825C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "22F74B9A-D31E-43E3-8A29-BFD09A9442F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "4D5A77C9-AB75-4133-8441-9BEE8591A717", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "11E968D1-8198-4686-BFDD-8499CB435B56", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "40A8E0C4-8509-4372-99C7-CFBA2100AEBE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "5CBC191E-0CE6-4D9C-A75B-E3484AC3B4DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "F956AF3F-0BDF-4F4B-AB29-418C39BEC8D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "0642EDE5-7EBF-4FA3-9432-F82FE76EF9EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "F4C19266-CDED-4DC0-8B50-560BA3B5DAC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BE93F92-4A7E-436C-8120-3BECC9C7215E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "67741515-E42C-41CA-8D11-AFFB0D23B7C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "D01ED5FF-D648-4B94-A555-D702804079D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3BD18D39-DA8A-4C58-A18B-14EB6BEFBFDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B0ADAA69-B258-4666-9AB7-7965429EA497", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F4722BA-186A-4999-965E-ED5FA72D4BD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D9FF105A-6B8E-4849-875F-FD87EC9291E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "AC4EA95B-C812-4A27-8FB2-46F644463BF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "76EC7D2D-4B0A-4CDF-A523-85ABEF05D211", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "2C7DD9CE-0E95-45BB-9BB5-07652C9FD6C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "6F3F3288-4280-43DA-B6E4-8240137105AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "90CAA216-D0B3-4ECB-8BBE-5288DE590DE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "45172E20-5E12-435E-815F-D543C9B6BD41", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "476EE4EA-A032-49EF-9A4C-37D8AD642130", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "9625017C-311D-423A-BFF8-AEB4CE7766FE", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "705A5381-AEA6-4FA2-B0EC-AD5F9E4FC985", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "EAADE980-DC7D-4A3A-A0C4-B03EF08B3CBB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Web GUI in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.1.0 and 6.4 before 6.4.0.1 allows man-in-the-middle attackers to obtain unspecified client access, and consequently obtain unspecified server access, via unknown vectors."}, {"lang": "es", "value": "La interfaz gr\u00e1fica de usuario Web en el cliente de IBM Tivoli Storage Manager (TSM) v6,3 antes de v6.3.1.0 y v6,4 antes de v6.4.0.1 permite ataques de man-in-the-middle para obtener acceso de clientes no especificados, y por lo tanto obtener acceso al servidor sin especificar, a trav\u00e9s de vectores desconocidos ."}], "id": "CVE-2013-0472", "lastModified": "2024-11-21T01:47:39.020", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-02-21T04:35:52.983", "references": [{"source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC87210"}, {"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21624118"}, {"source": "psirt@us.ibm.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81216"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC87210"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21624118"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81216"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}