Ibm Tivoli Storage Manager For Virtual Environments vulnerabilities

CVE-2018-1550 [MEDIUM] CWE-269 CVE-2018-1550: IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive info IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users. IBM X-Force ID: 142696.

CVE-2016-2988 [HIGH] CWE-264 CVE-2016-2988: IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (aka Spectrum Protect IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.4.x before 6.4.3.4 and 7.1.x before 7.1.6 allows remote authenticated users to bypass a TSM credential requirement and obtain administrative access by leveraging multiple simultaneous logins.

CVE-2015-1988 [LOW] CWE-79 CVE-2015-1988: Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger for Virtual Environments: Data Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.3 and Tivoli Storage FlashCopy Manager for VMware 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.3.0 allows remote authenticated users to inject arbitrary web scri

CVE-2013-6713 [MEDIUM] CWE-264 CVE-2013-6713: The Data Protection for VMware component in IBM Tivoli Storage Manager for Virtual Environments (TSM The Data Protection for VMware component in IBM Tivoli Storage Manager for Virtual Environments (TSMVE) 6.3 through 7.1.0.2 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (disk consumption) via unspecified GUI actions.