CVE-2016-8998

CWE-119Buffer Overflow3 documents3 sources
Severity
7.2HIGH
EPSS
2.4%
top 15.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Corporation Tivoli Storage ManagerIBM Tivoli Storage Manager
Timeline
PublishedFeb 24
Latest updateMay 17

Description

IBM Tivoli Storage Manager Server 7.1 could allow an authenticated user with TSM administrator privileges to cause a buffer overflow using a specially crafted SQL query and execute arbitrary code on the server. IBM Reference #: 1998747.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

NVDibm/tivoli_storage_manager17 versions+16

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-48w8-mmwr-cpgc: IBM Tivoli Storage Manager Server 72022-05-17
CVEList
CVE-2016-8998: IBM Tivoli Storage Manager Server 72017-02-24
CVE-2016-8998 (HIGH CVSS 7.2) | IBM Tivoli Storage Manager Server 7 | cvebase.io