PT-2015-5534 · Ibm · Tivoli Storage Flashcopy Manager For Vmware+1
Published
2015-10-04
·
Updated
2019-06-13
·
CVE-2015-1988
CVSS v2.0
3.5
Low
| Vector | AV:N/AC:M/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware versions 6.3 through 6.3.2.4
IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware versions 6.4 through 6.4.3.0
IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware versions 7.1 through 7.1.2
Tivoli Storage FlashCopy Manager for VMware versions 3.1 through 3.1.1.2
Tivoli Storage FlashCopy Manager for VMware versions 3.2 through 3.2.0.5
Tivoli Storage FlashCopy Manager for VMware versions 4.1 through 4.1.2
Description
A cross-site scripting (XSS) issue allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Recommendations
For IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware versions 6.3 through 6.3.2.4, update to version 6.3.2.5 or later.
For IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware versions 6.4 through 6.4.3.0, update to version 6.4.3.1 or later.
For IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware versions 7.1 through 7.1.2, update to version 7.1.3 or later.
For Tivoli Storage FlashCopy Manager for VMware versions 3.1 through 3.1.1.2, update to version 3.1.1.3 or later.
For Tivoli Storage FlashCopy Manager for VMware versions 3.2 through 3.2.0.5, update to version 3.2.0.6 or later.
For Tivoli Storage FlashCopy Manager for VMware versions 4.1 through 4.1.2, update to version 4.1.3.0 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Tivoli Storage Manager For Virtual Environments: Data Protection For Vmware
Tivoli Storage Flashcopy Manager For Vmware