Information about an information disclosure security vulnerability affecting Tivoli Business Service Manager (TBSM) is published in this security bulletin. Manipulation of communication between the TBSM Dashboard server and the TBSM Data Server could result in information disclosure.
CVEID: CVE-2016-0286
DESCRIPTION: IBM Tivoli Business Service Manager could allow an authenticated user with special privileges to view the administrator password in clear text.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111234> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
Tivoli Business Service Manager 6.1.0
Tivoli Business Service Manager 6.1.1
Principal Product and Version(s)
| Available Fix
—|—
Tivoli Business Service Manager 6.1.0| 6.1.0-TIV-BSM-FP0004
<http://www-01.ibm.com/support/docview.wss?uid=swg24042501>
Tivoli Business Service Manager 6.1.1| 6.1.1-TIV-BSM-FP0004
<http://www-01.ibm.com/support/docview.wss?uid=swg24041505>
None