CVE-2003-1570

2009-03-3118:00:00

mitre

www.cve.org

AI Score

6.1

Confidence

Low

EPSS

0.002

Percentile

56.8%

JSON

The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does not require credentials to observe the server console in some circumstances, which allows remote authenticated administrators to monitor server operations by establishing a console mode session, related to “session exposure.”

References

secunia.com/advisories/34498

securitytracker.com/id?1021947

www-01.ibm.com/support/docview.wss?uid=swg21375360

www-1.ibm.com/support/docview.wss?uid=swg1IC37554

www.securityfocus.com/bid/34285

www.vupen.com/english/advisories/2009/0881

exchange.xforce.ibmcloud.com/vulnerabilities/49536