Vulnerabilities for Tivoli storage productivity center (...) - CXSECURITY.COM

Vulnerabilities for
'Tivoli storage productivity center'

2017-02-01

CVE-2016-8943

IBM Tivoli Storage Productivity Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2016-8942

IBM Tivoli Storage Productivity Center could allow an authenticated user with intimate knowledge of the system to edit a limited set of properties on the server.

CVE-2016-8941

IBM Tivoli Storage Productivity Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

2016-09-26

CVE-2016-5947

IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.

CVE-2016-5946

Directory traversal vulnerability in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.

CVE-2016-5945

IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request.

CVE-2016-5944

Cross-site scripting (XSS) vulnerability in the Web UI in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string.

CVE-2016-5943

CWE-284

IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properties, via unspecified vectors.

>>> Vendor: IBM 1045 Products

Lotus domino mail server

Lotus domino server

Aix enetwork firewall

Websphere application server

Tivoli opc tracker agent

Netfinity remote control

System data repository

Navio nc browser

Network station manager

Http server ssl module common

Tivoli management framework

Db2 universal database

Websphere plugin

Net.commerce hosting server

Websphere commerce suite

High availability cluster multiprocessing

Informix web datablade

Tivoli secureway policy director

Alphaworks tftp server

Secureway directory

Lotus domino r5

Visualage for java

Tivoli storage manager

Websphere caching proxy server

Secureway firewall

Aix parallel systems support programs

Lotus notes client

Lotus domino web server

Tivoli firewall toolbox

Internet security systems blackice defender

Websphere edge server caching proxy

Informix dynamic server

Informix extended parallel server

Parallel environment

Trading partner interchange

Tivoli directory server

Tivoli access manager for e-business

Tivoli access manager identity manager solution

Tivoli configuration manager

Tivoli configuration manager for atm

Websphere everyplace server

Hardware management console

Rational clearquest

Lotus domino enterprise server

Db2 content manager

Informix dynamic database server

Lotus domino inotes client

Tivoli business systems manager

Network appliance data ontap

Lotus domino web access

Inventory scout

Client security password manager

Informix client sdk

Informix i-connect

Websphere host on-demand

Tivoli identity manager

Filenet p8 application engine

Tivoli provisioning manager os deployment

Tivoli business service manager

Tivoli monitoring express

See all Products for Vendor IBM

Copyright 2024, cxsecurity.com