IBM TSM for Virtual Environments 6.4.x < 188.8.131.52 / 7.1.x < 184.108.40.206 RCE
High Nessus Plugin ID 93127
SynopsisA backup application installed on the remote host is affected by a remote command execution vulnerability.
DescriptionThe version of IBM Tivoli Storage Manager (TSM) for Virtual Environments installed on the remote host is 6.4.x prior to 220.127.116.11 or 7.1.x prior to 18.104.22.168. It is, therefore, affected by an unspecified flaw in the GUI that allows an authenticated, remote attacker in limited cases to exercise certain commands that require administrative credentials without having these credentials.
SolutionUpgrade to Tivoli Storage Manager for Virtual Environments version 22.214.171.124 / 126.96.36.199 or later.