IBM TSM for Virtual Environments 6.4.x < 184.108.40.206 / 7.1.x < 220.127.116.11 RCE
High Nessus Plugin ID 93127
SynopsisA backup application installed on the remote host is affected by a remote command execution vulnerability.
DescriptionThe version of IBM Tivoli Storage Manager (TSM) for Virtual Environments installed on the remote host is 6.4.x prior to 18.104.22.168 or 7.1.x prior to 22.214.171.124. It is, therefore, affected by an unspecified flaw in the GUI that allows an authenticated, remote attacker in limited cases to exercise certain commands that require administrative credentials without having these credentials.
SolutionUpgrade to Tivoli Storage Manager for Virtual Environments version 126.96.36.199 / 188.8.131.52 or later.