PT-2016-3772 · Ibm · Tivoli Storage Flashcopy Manager For Vmware+1

Published

2016-01-02

Updated

2016-11-28

CVE-2015-7429

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware versions 7.1 through 7.1.3 IBM Tivoli Storage FlashCopy Manager for VMware versions 4.1 through 4.1.3

Description The issue allows remote authenticated users to restore arbitrary virtual machines, potentially obtaining sensitive information by accessing the vSphere inventory.

Recommendations For IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware versions 7.1 through 7.1.3, update to version 7.1.4 or later. For IBM Tivoli Storage FlashCopy Manager for VMware versions 4.1 through 4.1.3, update to version 4.1.4 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2015-7429

Affected Products

Tivoli Storage Flashcopy Manager For Vmware

Ibm Tivoli Storage Manager For Virtual Environments: Data Protection For Vmware

PT-2016-3772 · Ibm · Tivoli Storage Flashcopy Manager For Vmware+1

CVE-2015-7429

Weakness Enumeration

Related Identifiers

Affected Products

References · 3