Tivoli Storage Manager (IBM Spectrum Protect) SQL interface is vulnerable to unauthorized access to user credentials and product sensitive information.
CVE(s): CVE-2016-8940
Affected product(s) and affected version(s):
This vulnerability affects the following IBM Tivoli Storage Manager (IBM Spectrum Protect) Server levels:
- 7.1.0.0 through 7.1.7.0
- 6.3.0.0 through 6.3.6.0
- 6.2, 6.1, and 5.5 all levels (these releases are EOS)
Note that this vulnerability has been fixed in 8.1.0.0.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2lqyVom
X-Force Database: http://ift.tt/2m8djRO
The post IBM Security Bulletin: Tivoli Storage Manger (IBM Spectrum Protect) SQL interface vulnerable to unauthorized access (CVE-2016-8940) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2lqGBXK
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.