CVE-2016-5927 Information

Description

IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6 6.4.x before 6.4.3.3 and 7.1.x before 7.1.6 when certain dsmsetpw tracing is configured allows local users to discover an encrypted password by reading application-trace output.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

http://www.securityfocus.com/bid/92723 http://www-01.ibm.com/support/docview.wss?uid=swg1IT15203 http://www-01.ibm.com/support/docview.wss?uid=swg21989006

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.5