Описание
IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.4.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:7.1.4:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.00052
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output.
EPSS
Процентиль: 16%
0.00052
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-200