CVE-2016-5927Sensitive Information Exposure in IBM Tivoli Storage Manager FOR Space Management

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 83.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Tivoli Storage Manager FOR Space Management
Timeline
PublishedSep 12
Latest updateMay 17

Description

IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

NVDibm/tivoli_storage_manager12 versions+11

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-hjw4-mmqg-5692: IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 62022-05-17
CVEList
CVE-2016-5927: IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 62016-09-12
CVE-2016-5927 — Sensitive Information Exposure in IBM | cvebase