CVE-2016-2988

Name of the Vulnerable Software and Affected Versions IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) versions 6.4.x through 6.4.3.3 IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) versions 7.1.x through 7.1.5

Description The issue allows remote authenticated users to bypass a TSM credential requirement and obtain administrative access by leveraging multiple simultaneous logins.

Recommendations For versions 6.4.x through 6.4.3.3, update to version 6.4.3.4 or later. For versions 7.1.x through 7.1.5, update to version 7.1.6 or later.