IBM TSM for Virtual Environments 6.3.x < 6.3.2.5 / 6.4.x < 6.4.3.1 / 7.1.x < 7.1.4.0 RCE

critical Nessus Plugin ID 87823

Synopsis

A backup application installed on the remote host is affected by a remote command execution vulnerability.

Description

The version of IBM Tivoli Storage Manager (TSM) for Virtual Environments installed on the remote host is 6.3.x prior to 6.3.2.5, 6.4.x prior to 6.4.3.1, or 7.1.x prior to 7.1.4.0. It is, therefore, affected by multiple vulnerabilities:

- An unspecified flaw exists in the user interface that allows an unauthenticated, remote attacker to perform backup and restore operations and to execute TSM administrative commands. (CVE-2015-7425)

- A privilege escalation vulnerability exists in the IBM Data Protection Extension. An authenticated, remote attacker can exploit this to select an existing virtual machine from the vSphere inventory and perform a restore operation even though the attacker does not have the privilege level required for the operation. The restore operation will not overwrite the existing virtual machine but instead will create a new virtual machine with the same data as the existing virtual machine. After the restore creates the new virtual machine, the attacker can then access its unencrypted data, regardless of access permissions to the existing virtual machine data. Note that this issue only applies to version 7.1.x prior to 7.1.4. (CVE-2015-7429)

Solution

Upgrade to Tivoli Storage Manager for Virtual Environments version 6.3.2.5 / 6.4.3.1 / 7.1.4.0 or later.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg21973086

http://www-01.ibm.com/support/docview.wss?uid=swg21973087

Plugin Details

Severity: Critical

ID: 87823

File Name: tivoli_storage_manager_virtual_environments_vmware_CVE-2015-7426.nasl

Version: 1.11

Type: local

Family: Misc.

Published: 1/8/2016

Updated: 8/1/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:tivoli_storage_manager_for_virtual_environments, cpe:/a:ibm:spectrum_protect_for_virtual_environments, cpe:/a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware

Required KB Items: installed_sw/Tivoli Storage Manager for Virtual Environments

Exploit Ease: No known exploits are available

Patch Publication Date: 12/11/2015

Vulnerability Publication Date: 12/11/2015

Reference Information

CVE: CVE-2015-7425, CVE-2015-7429

BID: 79541, 79545