IBM TSM for Virtual Environments < Windows Domain Credential Disclosure

Medium Nessus Plugin ID 97141


A backup application installed on the remote host is affected by a credential disclosure vulnerability.


The IBM Tivoli Storage Manager (TSM) for Virtual Environments installed on the remote host is a version later than but prior to It is, therefore, affected by an unspecified flaw in the vSphere GUI that allows an authenticated, remote attacker to disclose Windows domain credentials.


Upgrade to Tivoli Storage Manager for Virtual Environments version or later.

See Also

Plugin Details

Severity: Medium

ID: 97141

File Name: tivoli_storage_manager_virtual_environments_vmware_CVE-2016-6034.nasl

Version: $Revision: 1.3 $

Type: local

Family: Misc.

Published: 2017/02/14

Modified: 2017/02/17

Dependencies: 86327, 86326

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 3.3

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND


Base Score: 6.8

Temporal Score: 6.3

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:X

Vulnerability Information

CPE: cpe:/a:ibm:tivoli_storage_manager_for_virtual_environments, cpe:/a:ibm:spectrum_protect_for_virtual_environments, cpe:/a:ibm:tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware

Required KB Items: installed_sw/Tivoli Storage Manager for Virtual Environments

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/12/12

Vulnerability Publication Date: 2016/12/12

Reference Information

CVE: CVE-2016-6034

OSVDB: 148515

IAVA: 2017-A-0038