VYPR
High severity8.8NVD Advisory· Published Mar 7, 2017· Updated Jun 17, 2026

CVE-2016-8940

CVE-2016-8940

Description

IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for access or use by administrators. The access of these product specific database tables may allow access to passwords or other sensitive information for the product. IBM Reference #: 1998946.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

53
  • cpe:2.3:a:ibm:tivoli_storage_manager:6.1:*:*:*:*:*:*:*+ 50 more
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.100:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.200:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.300:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.000:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.100:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1..5.100:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.5.200:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.7:*:*:*:*:*:*:*
    • (no CPE)range: 6.1, 6.2, 6.3, and 7.1
  • Range: 6.1, 6.2, 6.3, and 7.1
  • IBM Corporation/Tivoli Storage Managerv5
    Range: 5.3.5.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.