IBM Security Bulletin: Password Disclosure via application tracing in IBM Tivoli Storage Manager for Space Management (CVE-2016-5927)
IBM Tivoli Storage Manager for Space Management (IBM Spectrum Protect for Space Management) may display the Tivoli Storage Manager password when application tracing is enabled.
CVE(s): CVE-2016-5927
Affected product(s) and affected version(s):
The following levels of IBM Tivoli Storage Manager for Space Management (IBM Spectrum Protect for Space Management) are affected:
- 7.1.0.0 through 7.1.4.x
- 6.4.0.0 through 6.4.3.2
- 6.3.0.0 through 6.3.2.5
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2ctoBNN
X-Force Database: http://ift.tt/2bTqGxh
from IBM Product Security Incident Response Team http://ift.tt/2ctqpGc