VYPR

Tivoli Storage Manager Operations Center

by IBM

CVEs (4)

  • CVE-2016-6045HigFeb 1, 2017
    risk 0.57cvss 8.8epss 0.01

    IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

  • CVE-2016-6043HigFeb 1, 2017
    risk 0.46cvss 7.0epss 0.00

    Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced.

  • CVE-2016-6046MedFeb 1, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

  • CVE-2016-6044MedFeb 1, 2017
    risk 0.28cvss 4.3epss 0.01

    IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy.