← back
CVE-2016-2894

CVE-2016-2894

EPSS 0.3%
IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging previous use of a symlink during archive and retrieve actions.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www-01.ibm.com/support/docview.wss?uid=swg1IT13686http://www-01.ibm.com/support/docview.wss?uid=swg21985579http://www.securityfocus.com/bid/91534http://www.securitytracker.com/id/1036220