Ibm Tivoli Storage Flashcopy Manager vulnerabilities

5 known vulnerabilities affecting ibm/tivoli_storage_flashcopy_manager.

Total CVEs

5

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

MEDIUM1LOW4

Vulnerabilities

Page 1 of 1

CVE-2015-7404LOWCVSS 1.9v2.1.0v2.2.0+8 more2015-11-14

CVE-2015-7404 [LOW] CWE-200 CVE-2015-7404: IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka Spectrum Pro IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka Spectrum Protect for Databases) 5.5 before 5.5.6.2, 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server (aka Spectrum Protect for Mail) 5.5 before 5.5.1.1, 6.1 and 6.3 before 6.3.

CVE-2015-1988LOWCVSS 3.5≥ 3.1.0.0, < 3.1.1.3≥ 3.2.0.0, < 3.2.0.6+1 more2015-10-04

CVE-2015-1988 [LOW] CWE-79 CVE-2015-1988: Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger for Virtual Environments: Data Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.3 and Tivoli Storage FlashCopy Manager for VMware 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.3.0 allows remote authenticated users to inject arbitrary web scri

CVE-2015-6557LOWCVSS 2.1v3.1.0v3.1.1+4 more2015-08-23

CVE-2015-6557 [LOW] CVE-2015-6557: IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6. IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6.1, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 5.5 before 5.5.1.1, 6.1 before 6.1.3.7, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; and Tivoli Storage

CVE-2015-4949LOWCVSS 2.1v4.1.0v4.1.22015-08-23

CVE-2015-4949 [LOW] CWE-200 CVE-2015-4949: IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 7.1 before 7.1.2, IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 7.1 before 7.1.2, Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 7.1 before 7.1.2, and Tivoli Storage FlashCopy Manager 4.1 before 4.1.2 place cleartext passwords in exception messages, which allows physically proximate attackers to obtain s

CVE-2013-6714MEDIUMCVSS 4.1v3.1.0v3.1.1+4 more2014-05-26

CVE-2013-6714 [MEDIUM] CWE-264 CVE-2013-6714: The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0 The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0.1 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (data overwrite or disk consumption) via unspecified GUI actions.