What is the severity of CVE-2016-6110?

CVE-2016-6110 is categorized as a moderate severity vulnerability due to the exposure of unencrypted login credentials.

How do I fix CVE-2016-6110?

To mitigate CVE-2016-6110, users should update their IBM Tivoli Storage Manager to version 7.1.6.4 or later.

Who is affected by CVE-2016-6110?

CVE-2016-6110 affects IBM Tivoli Storage Manager versions up to 7.1.6.3 and version 7.1.0.0.

What impact does CVE-2016-6110 have?

The impact of CVE-2016-6110 allows local users to potentially access unencrypted VMware vCenter login credentials.

Is there a workaround for CVE-2016-6110?

A potential workaround for CVE-2016-6110 includes restricting local user access to the IBM Tivoli Storage Manager where possible.

Vulnerability/
CVE-2016-6110

medium

6.5

CWE

255

1/2/2017

6/8/2024

CVE-2016-6110

First published: Wed Feb 01 2017(Updated: )

IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Tivoli Storage Manager	<=7.1.6.3
IBM Tivoli Storage Manager	=7.1.0.0
IBM Tivoli Storage Manager for Virtual Environments Data Protection for VMware	<=7.1.6.3
IBM Tivoli Storage Manager for Virtual Environments Data Protection for VMware	=7.1.0.0
Linux kernel
Microsoft Windows

Remedy

http://www.ibm.com/support/docview.wss?uid=swg21996198

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-6110?
CVE-2016-6110 is categorized as a moderate severity vulnerability due to the exposure of unencrypted login credentials.
How do I fix CVE-2016-6110?
To mitigate CVE-2016-6110, users should update their IBM Tivoli Storage Manager to version 7.1.6.4 or later.
Who is affected by CVE-2016-6110?
CVE-2016-6110 affects IBM Tivoli Storage Manager versions up to 7.1.6.3 and version 7.1.0.0.
What impact does CVE-2016-6110 have?
The impact of CVE-2016-6110 allows local users to potentially access unencrypted VMware vCenter login credentials.
Is there a workaround for CVE-2016-6110?
A potential workaround for CVE-2016-6110 includes restricting local user access to the IBM Tivoli Storage Manager where possible.

agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/severity
agent/last-modified-date
agent/remedy
agent/description
agent/softwarecombine
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm tivoli storage manager
version/ibm tivoli storage manager/7.1.6.3
version/ibm tivoli storage manager/7.1.0.0
canonical/ibm tivoli storage manager for virtual environments data protection for vmware
version/ibm tivoli storage manager for virtual environments data protection for vmware/7.1.6.3
version/ibm tivoli storage manager for virtual environments data protection for vmware/7.1.0.0
vendor/linux
canonical/linux kernel
vendor/microsoft
canonical/microsoft windows

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.