CVE-2015-6557Sensitive Information Exposure in IBM Tivoli Storage Flashcopy Manager

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
2.1LOWNVD
EPSS
0.0%
top 84.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
IBM Tivoli Storage Flashcopy ManagerIBM Tivoli Storage Manager FOR Databases Data Protection FOR Microsoft SQL ServerIBM Tivoli Storage Manager FOR Mail Data Protection FOR Microsoft Exchange Server
Timeline
PublishedAug 23
Latest updateMay 17

Description

IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6.1, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 5.5 before 5.5.1.1, 6.1 before 6.1.3.7, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; and Tivoli Storage FlashCopy Manager 3.1 before 3.1.1.5, 3.2 before 3.2.1.7, and 4.1 before 4.1.2, when application tracing is used, place cleartext passw

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

NVDibm/tivoli_storage_manager17 versions+16

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-2p4q-pg24-pmp6: IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 52022-05-17
CVEList
CVE-2015-6557: IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 52015-08-23
CVE-2015-6557 — Sensitive Information Exposure in IBM | cvebase