The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.4 and Tivoli Storage FlashCopy Manager for VMware (aka Spectrum Protect Snapshot) 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.4 allows remote attackers to obtain administrative privileges via a crafted URL that triggers back-end function execution.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HIBM Tivoli Storage Flashcopy Manager For VMware
APPIbm3.13.1.13.26.36.46.4.26.4.3IBM Tivoli Storage Manager For Virtual Environments Data Protection For VMware
APPIbm4.1.04.1.14.1.24.1.36.3.16.3.26.4.17.1.07.1.17.1.27.1.3
Powiązane podatności
IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery w...
IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WA...
IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to ...
IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by...
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...