CVE-2017-1339

Опубликовано: 05 окт. 2017

Источник: nvd

CVSS3: 4.4

CVSS2: 2.1

EPSS Низкий

Описание

IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption for the password. A database administrator may be able to decrypt the IBM Spectrum protect client or administrator password which can result in information disclosure or a denial of service. IBM X-Force ID: 126247.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg22007936
Patch
Vendor Advisory
http://www.securityfocus.com/bid/101113
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039498
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/126247
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg22007936
Patch
Vendor Advisory
http://www.securityfocus.com/bid/101113
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039498
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/126247
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:tivoli_storage_manager:6.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.15:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.17:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.5.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.6.100:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.100:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.200:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.500:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.600:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.3.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1..5.100:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.100:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.200:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.300:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.000:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.100:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.5.200:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.7.100:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.7.200:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:8.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:8.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:8.1.1.100:*:*:*:*:*:*:*

EPSS

Процентиль: 5%

0.00021

Низкий

4.4 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-327

Связанные уязвимости

GHSA-rqx2-5vfv-6xgq