Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tivoli_storage_manager
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 50 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-05-06 | CVE-2020-28198 | The 'id' parameter of IBM Tivoli Storage Manager Version 5 Release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow. Note: the vulnerability can be exploited when it is used in "interactive" mode while, cause of a max number characters limitation, it cannot be exploited in batch or command line usage (e.g. dsmadmc.exe -id=username -password=pwd). NOTE: This vulnerability only affects products that are no longer supported by the maintainer | Tivoli_storage_manager | 7.0 | ||
| 2010-12-29 | CVE-2010-4605 | Unspecified vulnerability in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows local users to overwrite arbitrary files via unknown vectors. | Tivoli_storage_manager | N/A | ||
| 2015-02-14 | CVE-2014-6195 | The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup-Archive client 5.4 and 5.5 before 5.5.4.4 on AIX, Linux, and Solaris; 5.4.x and 5.5.x on Windows and z/OS; 6.1 before 6.1.5.7 on z/OS; 6.1 and 6.2 before 6.2.5.2 on Windows, before 6.2.5.3 on AIX and Linux x86, and before 6.2.5.4 on Linux Z and Solaris; 6.3 before 6.3.2.1 on AIX, before 6.3.2.2 on Windows, and before 6.3.2.3 on Linux; 6.4 before 6.4.2.1; and 7.1 before 7.1.1 in IBM TSM for Mail, when... | Tivoli_storage_manager | N/A | ||
| 2010-12-29 | CVE-2010-4604 | Stack-based buffer overflow in the GeneratePassword function in dsmtca (aka the Trusted Communications Agent or TCA) in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10, and 6.1.x before 6.1.3.1 on Unix and Linux allows local users to gain privileges by specifying a long LANG environment variable, and then sending a request over a pipe. | Tivoli_storage_manager | N/A | ||
| 2010-12-29 | CVE-2010-4606 | Unspecified vulnerability in the Space Management client in the Hierarchical Storage Management (HSM) component in IBM Tivoli Storage Manager (TSM) 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows remote attackers to execute arbitrary commands via unknown vectors, related to a "script execution vulnerability." | Tivoli_storage_manager | N/A | ||
| 2017-02-01 | CVE-2016-0371 | The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled. | Tivoli_storage_manager | 5.5 | ||
| 2015-02-22 | CVE-2014-6184 | Stack-based buffer overflow in dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4 through 5.4.3.6, 5.5 through 5.5.4.3, 6.1 through 6.1.5.6, 6.2 before 6.2.5.4, and 6.3 before 6.3.2.3 on UNIX, Linux, and OS X allows local users to gain privileges via unspecified vectors. | Tivoli_storage_manager | N/A | ||
| 2014-08-26 | CVE-2013-6335 | The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations. | Tivoli_storage_manager | N/A | ||
| 2018-11-12 | CVE-2018-1786 | IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871. | Spectrum_protect, Spectrum_protect_for_virtual_environments_data_protection_for_hyper\-V, Spectrum_protect_manager_for_virtual_environments_data_protection_for_vmware, Tivoli_storage_manager, Tivoli_storage_manager_for_virtual_environments_data_protection_for_hyper\-V, Tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware | 7.5 | ||
| 2018-09-26 | CVE-2018-1550 | IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users. IBM X-Force ID: 142696. | Tivoli_storage_manager, Tivoli_storage_manager_for_space_management, Tivoli_storage_manager_for_virtual_environments | 5.5 |