CVE-2016-6033

Published on: 02/15/2017 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:12 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Certain versions of Tivoli Storage Flashcopy Manager For Vmware from Ibm contain the following vulnerability:

IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 1995545.

  • CVE-2016-6033 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as HIGH severity.
  • Affected Vendor/Software: URL Logo IBM Corporation - Tivoli Storage Manager for Virtual Environments version 6.3
  • Affected Vendor/Software: URL Logo IBM Corporation - Tivoli Storage Manager for Virtual Environments version 6.4
  • Affected Vendor/Software: URL Logo IBM Corporation - Tivoli Storage Manager for Virtual Environments version 7.1

CVSS3 Score: 8.8 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE REQUIRED
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 6.8 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL PARTIAL PARTIAL

CVE References

Description Tags Link
Multiple IBM Products CVE-2016-6033 Cross Site Request Forgery Vulnerability Third Party Advisory
VDB Entry
cve.report (archive)
text/html
URL Logo BID 95102
Security Bulletin: Cross-site request forgery vulnerability in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware and IBM Tivoli Storage FlashCopy Manager for VMware (CVE-2016-6033) Patch
Vendor Advisory
www.ibm.com
text/html
URL Logo CONFIRM www.ibm.com/support/docview.wss?uid=swg21995545

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.0.0AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.1AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.2AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.3AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.4AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.4.0AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.4.1AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.6AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.6.0AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.0.0AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.1AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.2AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.3AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.4AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.4.0AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.4.1AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.6AllAllAll
ApplicationIbmTivoli Storage Flashcopy Manager For Vmware4.1.6.0AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.0AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.1AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.2AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.3AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.4AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.4.0AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.6AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.6.2AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.6.3AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.0AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.1AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.2AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.3AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.4AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.4.0AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.6AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.6.2AllAllAll
ApplicationIbmTivoli Storage Manager For Virtual Environments Data Protection For Vmware7.1.6.3AllAllAll
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.4.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.4.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.6.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.4.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.4.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager_for_vmware:4.1.6.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.4.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.6.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.6.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.4.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.6.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware:7.1.6.3:*:*:*:*:*:*:*: