What is the severity of CVE-2016-6033?

CVE-2016-6033 is classified as a medium severity vulnerability due to the potential for cross-site request forgery.

How do I fix CVE-2016-6033?

To remediate CVE-2016-6033, upgrade to the latest version of IBM Tivoli Storage Manager for Virtual Environments that addresses the vulnerability.

What versions of IBM Tivoli Storage Manager for Virtual Environments are affected by CVE-2016-6033?

CVE-2016-6033 affects versions 7.1.0 through 7.1.6.3 of IBM Tivoli Storage Manager for Virtual Environments.

What type of attack is facilitated by CVE-2016-6033?

CVE-2016-6033 facilitates cross-site request forgery attacks, allowing unauthorized actions to be executed by a trusted user.

Is CVE-2016-6033 specific to any operating system?

CVE-2016-6033 is not specific to any operating system; it affects IBM Tivoli Storage Manager for Virtual Environments across supported platforms.

Vulnerability/
CVE-2016-6033

high

8.8

CWE

352

15/2/2017

6/8/2024

CVE-2016-6033: CSRF

First published: Wed Feb 15 2017(Updated: )

IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 1995545.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Spectrum Protect for Virtual Environments: Data Protection for VMware	=7.1.0
IBM Spectrum Protect for Virtual Environments: Data Protection for VMware	=7.1.1
IBM Spectrum Protect for Virtual Environments: Data Protection for VMware	=7.1.2
IBM Spectrum Protect for Virtual Environments: Data Protection for VMware	=7.1.3
IBM Spectrum Protect for Virtual Environments: Data Protection for VMware	=7.1.4
IBM Spectrum Protect for Virtual Environments: Data Protection for VMware	=7.1.4.0
IBM Spectrum Protect for Virtual Environments: Data Protection for VMware	=7.1.6
IBM Spectrum Protect for Virtual Environments: Data Protection for VMware	=7.1.6.2
IBM Spectrum Protect for Virtual Environments: Data Protection for VMware	=7.1.6.3
IBM Tivoli Storage FlashCopy Manager for VMware	=4.1.0.0
IBM Tivoli Storage FlashCopy Manager for VMware	=4.1.1
IBM Tivoli Storage FlashCopy Manager for VMware	=4.1.2
IBM Tivoli Storage FlashCopy Manager for VMware	=4.1.3
IBM Tivoli Storage FlashCopy Manager for VMware	=4.1.4
IBM Tivoli Storage FlashCopy Manager for VMware	=4.1.4.0
IBM Tivoli Storage FlashCopy Manager for VMware	=4.1.4.1
IBM Tivoli Storage FlashCopy Manager for VMware	=4.1.6
IBM Tivoli Storage FlashCopy Manager for VMware	=4.1.6.0

Remedy

http://www.ibm.com/support/docview.wss?uid=swg21995545

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-6033?
CVE-2016-6033 is classified as a medium severity vulnerability due to the potential for cross-site request forgery.
How do I fix CVE-2016-6033?
To remediate CVE-2016-6033, upgrade to the latest version of IBM Tivoli Storage Manager for Virtual Environments that addresses the vulnerability.
What versions of IBM Tivoli Storage Manager for Virtual Environments are affected by CVE-2016-6033?
CVE-2016-6033 affects versions 7.1.0 through 7.1.6.3 of IBM Tivoli Storage Manager for Virtual Environments.
What type of attack is facilitated by CVE-2016-6033?
CVE-2016-6033 facilitates cross-site request forgery attacks, allowing unauthorized actions to be executed by a trusted user.
Is CVE-2016-6033 specific to any operating system?
CVE-2016-6033 is not specific to any operating system; it affects IBM Tivoli Storage Manager for Virtual Environments across supported platforms.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/severity
agent/last-modified-date
agent/remedy
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm spectrum protect for virtual environments: data protection for vmware
version/ibm spectrum protect for virtual environments: data protection for vmware/7.1.0
version/ibm spectrum protect for virtual environments: data protection for vmware/7.1.1
version/ibm spectrum protect for virtual environments: data protection for vmware/7.1.2
version/ibm spectrum protect for virtual environments: data protection for vmware/7.1.3
version/ibm spectrum protect for virtual environments: data protection for vmware/7.1.4
version/ibm spectrum protect for virtual environments: data protection for vmware/7.1.4.0
version/ibm spectrum protect for virtual environments: data protection for vmware/7.1.6
version/ibm spectrum protect for virtual environments: data protection for vmware/7.1.6.2
version/ibm spectrum protect for virtual environments: data protection for vmware/7.1.6.3
canonical/ibm tivoli storage flashcopy manager for vmware
version/ibm tivoli storage flashcopy manager for vmware/4.1.0.0
version/ibm tivoli storage flashcopy manager for vmware/4.1.1
version/ibm tivoli storage flashcopy manager for vmware/4.1.2
version/ibm tivoli storage flashcopy manager for vmware/4.1.3
version/ibm tivoli storage flashcopy manager for vmware/4.1.4
version/ibm tivoli storage flashcopy manager for vmware/4.1.4.0
version/ibm tivoli storage flashcopy manager for vmware/4.1.4.1
version/ibm tivoli storage flashcopy manager for vmware/4.1.6
version/ibm tivoli storage flashcopy manager for vmware/4.1.6.0