Vulnerabilities > IBM > Tivoli Storage Manager > 6.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-01 | CVE-2016-6110 | Credentials Management vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user. | 6.5 |
| 2017-02-01 | CVE-2016-5985 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Tivoli Storage Manager The IBM Tivoli Storage Manager (IBM Spectrum Protect) AIX client is vulnerable to a buffer overflow when Journal-Based Backup is enabled. | 7.8 |
| 2016-07-03 | CVE-2016-2894 | Information Exposure vulnerability in IBM Tivoli Storage Manager IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging previous use of a symlink during archive and retrieve actions. | 2.5 |
| 2016-01-20 | CVE-2015-4951 | Improper Input Validation vulnerability in IBM Tivoli Storage Manager Client Acceptor Daemon (CAD) in the client in IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 and 6.x before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted Web client URL. | 5.3 |