IBM Support

Security Bulletin: A security vulnerability has been identified in IBM Tivoli Storage Manager that affects IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (CVE-2016-2894)

Created by Robyn Stillwell on
Published URL:
https://www.ibm.com/support/pages/node/551559
551559

Security Bulletin


Summary

The IBM Tivoli Storage Manger (IBM Spectrum Protect) Client is used as a component of IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (IBM Spectrum Protect for Virtual Environments). Information about a security vulnerability affecting the IBM Tivoli Manager Client has been published in a security bulletin.

Vulnerability Details

Consult the security bulletin Unauthorized Access Vulnerability affects IBM Tivoli Storage Manager (CVE-2016-2894) for vulnerability details and information about the fixes

Affected Products and Versions

Principal Product and Version(s)

Affected Supporting Product and Version
IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (IBM Spectrum Protect for Virtual Environments) version 7.1IBM Tivoli Storage Manager Client version 7.1
IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware version 6.4IBM Tivoli Storage Manager Client version 6.4
IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware version 6.3IBM Tivoli Storage Manager Client version 6.3
Notes:
Within the Tivoli Storage Manager for Virtual Environments: Data Protection for VMware product, the Tivoli Storage Manager client is also referred to as the data mover.

Be aware that all Data Protection for VMware functional components, which includes the TSM client and API, must be at the same Fix Pack level. Within a given Fix Pack level, the interim fix level can differ.

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

References

Off

Change History

9 September 2016 - Original version published

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

[{"Product":{"code":"SS8TDQ","label":"Tivoli Storage Manager for Virtual Environments"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"Data Protection for VMware","Platform":[{"code":"PF016","label":"Linux"}],"Version":"6.3;6.4;7.1","Edition":"All Editions","Line of Business":{"code":"LOB26","label":"Storage"}}]

Document Information

Modified date:
17 June 2018

UID

swg21990299