Описание
IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy.
Ссылки
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:7.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:7.1.7:*:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00125
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy.
EPSS
Процентиль: 32%
0.00125
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-284