Vulnerabilities > IBM > Tivoli Storage Manager FOR Virtual Environments Data Protection FOR Vmware > 6.3.2

DATE	CVE	VULNERABILITY TITLE	RISK
2017-02-01	CVE-2016-6110	Credentials Management vulnerability in IBM products IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user. local low complexity ibm linux microsoft CWE-255	2.1
2016-02-21	CVE-2015-7425	Permissions, Privileges, and Access Controls vulnerability in IBM products The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.4 and Tivoli Storage FlashCopy Manager for VMware (aka Spectrum Protect Snapshot) 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.4 allows remote attackers to obtain administrative privileges via a crafted URL that triggers back-end function execution. network low complexity ibm CWE-264 critical	10.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.