VYPR
Get started
← All advisories
Low severity2.5NVD Advisory· Published Jul 3, 2016· Updated May 6, 2026

CVE-2016-2894

CVE-2016-2894

Description

IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging previous use of a symlink during archive and retrieve actions.

Affected products

66
  • IBM/Tivoli Storage Manager66 versions
    cpe:2.3:a:ibm:tivoli_storage_manager:6.2.4:*:*:*:*:*:*:*+ 65 more
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:5.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:5.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:5.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.100:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.200:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1..5.100:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.100:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.200:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.300:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.000:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.100:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.5.200:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.