IBM Support

Security Bulletin: A security vulnerability has been identified in the Tivoli Storage Manager Client shipped with IBM Tivoli Storage FlashCopy Manager for Windows (CVE-2015-0287)

Created by Robyn Stillwell on
Published URL:
https://www.ibm.com/support/pages/node/540077
540077

Security Bulletin


Summary

The IBM Tivoli Storage Manger client (IBM Spectrum Protect) is shipped as a component of IBM Tivoli Storage FlashCopy Manager for Windows (IBM Spectrum Protect Snapshot). Information about a security vulnerability affecting the IBM Tivoli Manager client has been published in a security bulletin.

Vulnerability Details

Consult the security bulletin Vulnerabilities in OpenSSL affect the IBM Tivoli Storage Manager Client and IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (CVE-2015-0287) for vulnerability details and information about the fixes. Note that this security bulletin has been updated on 11/1/2016 to include NetApp fixes.

Affected Products and Versions

Principal Product and Version(s)

Affected Supporting Product and Version
IBM Tivoli Storage Manager FlashCopy Manager for Windows version 4.1Tivoli Storage Manager client version 7.1.
IBM Tivoli Storage Manager FlashCopy Manager
for Windows version 3.2
Tivoli Storage Manager client version 6.4
Tivoli Storage Manager FlashCopy Manager
for Windows version 3.1
Tivoli Storage Manager client version 6.3

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

References

Off

Acknowledgement

None

Change History

01 February 2016: Original version published.
22 February 2016: Added CVE number to title and url link name
01 November 2016; Updated to note that the client bulletin has been updated to include the NetApp fixes.

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

[{"Product":{"code":"SS36V9","label":"Tivoli Storage FlashCopy Manager"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"--","Platform":[{"code":"PF033","label":"Windows"}],"Version":"3.1;3.2;4.1","Edition":"All Editions","Line of Business":{"code":"LOB26","label":"Storage"}}]

Document Information

Modified date:
17 June 2018

UID

swg21975478