This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
Synopsis :
A backup application installed on the remote host is affected by a
remote command execution vulnerability.
Description :
The version of IBM Tivoli Storage Manager (TSM) for Virtual
Environments installed on the remote host is 6.3.x prior to 126.96.36.199,
6.4.x prior to 188.8.131.52, or 7.1.x prior to 184.108.40.206. It is, therefore,
affected by multiple vulnerabilities :
- An unspecified flaw exists in the user interface that
allows an unauthenticated, remote attacker to perform
backup and restore operations and to execute TSM
administrative commands. (CVE-2015-7425)
- A privilege escalation vulnerability exists in the IBM
Data Protection Extension. An authenticated, remote
attacker can exploit this to select an existing virtual
machine from the vSphere inventory and perform a restore
operation even though the attacker does not have the
privilege level required for the operation. The restore
operation will not overwrite the existing virtual
machine but instead will create a new virtual machine
with the same data as the existing virtual machine.
After the restore creates the new virtual machine, the
attacker can then access its unencrypted data,
regardless of access permissions to the existing virtual
machine data. Note that this issue only applies to
version 7.1.x prior to 7.1.4. (CVE-2015-7429)
Solution :
Upgrade to Tivoli Storage Manager for Virtual Environments version
220.127.116.11 / 18.104.22.168 / 22.214.171.124 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true