Vulnerabilities > IBM > Tivoli Storage Manager FOR Virtual Environments Data Protection FOR Vmware > 7.1.6.2

DATE	CVE	VULNERABILITY TITLE	RISK
2017-02-15	CVE-2016-6033	Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. network low complexity ibm CWE-352	8.8
2017-02-01	CVE-2016-6034	Information Exposure vulnerability in IBM Tivoli Storage Manager for Virtual Environments Data Protection for VMWare IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges. network low complexity ibm CWE-200	6.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.