Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2003-1570
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does not require credentials to observe the server console in some circumstances, which allows remote authenticated administrators to monitor server operations by establishing a console mode session, related to "session exposure.".
CVSSv2.0 Score
- Severity
- Low
- Base Score
- 3.5/10
- Exploit Score
- 6.8/10
- Access Vector
- Network
- Access Complexity
- Medium
- Authentication Required
- Single
- Impact Score
- 2.9/10
- Confidentiality Impact
- Partial
- Availability Impact
- None
- Integrity Impact
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:ibm:tivoli_storage_manager:5.1.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:tivoli_storage_manager:5.2.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:tivoli_storage_manager:5.1.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:tivoli_storage_manager:5.1.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:tivoli_storage_manager:5.1.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:tivoli_storage_manager:5.1.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:tivoli_storage_manager:5.1.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:tivoli_storage_manager:5.1.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:tivoli_storage_manager:6.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:tivoli_storage_manager:5.1.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:tivoli_storage_manager:5.2.1:*:*:*:*:*:*:* |
Yes
|
- | - |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21375360
- http://securitytracker.com/id?1021947
- http://secunia.com/advisories/34498
- http://www.securityfocus.com/bid/34285
- http://www.vupen.com/english/advisories/2009/0881
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC37554
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49536