Lucene search

[email protected]NVD:CVE-2016-2894

HistoryJul 03, 2016 - 9:59 p.m.

CVE-2016-2894

2016-07-0321:59:14

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

2.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

3.2

Confidence

High

EPSS

Percentile

5.1%

JSON

IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging previous use of a symlink during archive and retrieve actions.

Affected configurations

Nvd

Node

ibmtivoli_storage_managerMatch5.5

ibmtivoli_storage_managerMatch5.5.0

ibmtivoli_storage_managerMatch5.5.2

ibmtivoli_storage_managerMatch5.5.3

ibmtivoli_storage_managerMatch5.5.4

ibmtivoli_storage_managerMatch5.5.4.1

ibmtivoli_storage_managerMatch5.5.4.2

ibmtivoli_storage_managerMatch5.5.4.3

ibmtivoli_storage_managerMatch6.1

ibmtivoli_storage_managerMatch6.1.0

ibmtivoli_storage_managerMatch6.1.1

ibmtivoli_storage_managerMatch6.1.2

ibmtivoli_storage_managerMatch6.1.3

ibmtivoli_storage_managerMatch6.1.4

ibmtivoli_storage_managerMatch6.1.5

ibmtivoli_storage_managerMatch6.1.5.4

ibmtivoli_storage_managerMatch6.1.5.5

ibmtivoli_storage_managerMatch6.1.5.6

ibmtivoli_storage_managerMatch6.2

ibmtivoli_storage_managerMatch6.2.0

ibmtivoli_storage_managerMatch6.2.1

ibmtivoli_storage_managerMatch6.2.2

ibmtivoli_storage_managerMatch6.2.3

ibmtivoli_storage_managerMatch6.2.4

ibmtivoli_storage_managerMatch6.2.4.7

ibmtivoli_storage_managerMatch6.3

ibmtivoli_storage_managerMatch6.3.0

ibmtivoli_storage_managerMatch6.3.0.5

ibmtivoli_storage_managerMatch6.3.0.15

ibmtivoli_storage_managerMatch6.3.0.17

ibmtivoli_storage_managerMatch6.3.1

ibmtivoli_storage_managerMatch6.3.1.2

ibmtivoli_storage_managerMatch6.3.2.2

Node

ibmtivoli_storage_managerMatch6.4

ibmtivoli_storage_managerMatch6.4.0

ibmtivoli_storage_managerMatch6.4.0.1

ibmtivoli_storage_managerMatch6.4.0.4

ibmtivoli_storage_managerMatch6.4.0.5

ibmtivoli_storage_managerMatch6.4.0.7

ibmtivoli_storage_managerMatch6.4.1.3

ibmtivoli_storage_managerMatch6.4.1.7

ibmtivoli_storage_managerMatch6.4.2.1

ibmtivoli_storage_managerMatch6.4.2.100

ibmtivoli_storage_managerMatch6.4.2.200

ibmtivoli_storage_managerMatch6.4.3

ibmtivoli_storage_managerMatch6.4.3.1

Node

ibmtivoli_storage_managerMatch7.1

ibmtivoli_storage_managerMatch7.1..5.100

ibmtivoli_storage_managerMatch7.1.0.1

ibmtivoli_storage_managerMatch7.1.0.2

ibmtivoli_storage_managerMatch7.1.0.3

ibmtivoli_storage_managerMatch7.1.1

ibmtivoli_storage_managerMatch7.1.1.1

ibmtivoli_storage_managerMatch7.1.1.100

ibmtivoli_storage_managerMatch7.1.1.200

ibmtivoli_storage_managerMatch7.1.1.300

ibmtivoli_storage_managerMatch7.1.2

ibmtivoli_storage_managerMatch7.1.3

ibmtivoli_storage_managerMatch7.1.3.000

ibmtivoli_storage_managerMatch7.1.3.1

ibmtivoli_storage_managerMatch7.1.3.2

ibmtivoli_storage_managerMatch7.1.3.100

ibmtivoli_storage_managerMatch7.1.4

ibmtivoli_storage_managerMatch7.1.4.1

ibmtivoli_storage_managerMatch7.1.5

ibmtivoli_storage_managerMatch7.1.5.200

VendorProductVersionCPE
ibmtivoli_storage_manager5.5cpe:2.3:a:ibm:tivoli_storage_manager:5.5:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.5.0cpe:2.3:a:ibm:tivoli_storage_manager:5.5.0:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.5.2cpe:2.3:a:ibm:tivoli_storage_manager:5.5.2:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.5.3cpe:2.3:a:ibm:tivoli_storage_manager:5.5.3:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.5.4cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.5.4.1cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4.1:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.5.4.2cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4.2:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.5.4.3cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4.3:*:*:*:*:*:*:*
ibmtivoli_storage_manager6.1cpe:2.3:a:ibm:tivoli_storage_manager:6.1:*:*:*:*:*:*:*
ibmtivoli_storage_manager6.1.0cpe:2.3:a:ibm:tivoli_storage_manager:6.1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	tivoli_storage_manager	5.5	cpe:2.3:a:ibm:tivoli_storage_manager:5.5:::::::*
ibm	tivoli_storage_manager	5.5.0	cpe:2.3:a:ibm:tivoli_storage_manager:5.5.0:::::::*
ibm	tivoli_storage_manager	5.5.2	cpe:2.3:a:ibm:tivoli_storage_manager:5.5.2:::::::*
ibm	tivoli_storage_manager	5.5.3	cpe:2.3:a:ibm:tivoli_storage_manager:5.5.3:::::::*
ibm	tivoli_storage_manager	5.5.4	cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4:::::::*
ibm	tivoli_storage_manager	5.5.4.1	cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4.1:::::::*
ibm	tivoli_storage_manager	5.5.4.2	cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4.2:::::::*
ibm	tivoli_storage_manager	5.5.4.3	cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4.3:::::::*
ibm	tivoli_storage_manager	6.1	cpe:2.3:a:ibm:tivoli_storage_manager:6.1:::::::*
ibm	tivoli_storage_manager	6.1.0	cpe:2.3:a:ibm:tivoli_storage_manager:6.1.0:::::::*

Rows per page:

1-10 of 661

References

www-01.ibm.com/support/docview.wss?uid=swg1IT13686

www-01.ibm.com/support/docview.wss?uid=swg21985579

www.securityfocus.com/bid/91534

www.securitytracker.com/id/1036220

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

2.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

3.2

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2016-2894

ibm2 cvelist1 nessus1 prion1 openvas1 cve1