We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2016-8940



Description

IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for access or use by administrators. The access of these product specific database tables may allow access to passwords or other sensitive information for the product. IBM Reference #: 1998946.

Reserved 2016-10-25 | Published 2017-03-07 | Updated 2024-08-06 | Assigner ibm

Problem types

Obtain Information

Product status

5.3.5.3
affected

5.4.1.2
affected

4.2
affected

4.2.1
affected

5.1.8
affected

5.2.5.1
affected

5.2.7
affected

5.2.8
affected

5.2.9
affected

5.3.0
affected

5.3.1
affected

5.3.2
affected

5.3.3
affected

5.4.4.0
affected

5.4.2.4
affected

5.4.2.3
affected

5.4.2.2
affected

5.3.6.9
affected

5.3.6.2
affected

5.3.6.1
affected

5.3.4
affected

5.2.5.3
affected

5.2.5.2
affected

5.2.4
affected

5.3.5.1
affected

5.3.2.4
affected

6.0
affected

5.1.0
affected

5.1.1
affected

5.1.10
affected

5.1.5
affected

5.1.6
affected

5.1.7
affected

5.1.9
affected

5.2.0
affected

5.2.1
affected

4.2.2
affected

4.2.3
affected

4.2.4
affected

5.2.2
affected

5.3
affected

5.2 Client
affected

5.4 Client
affected

5.5.7
affected

5.2.3.4 Client
affected

5.5.1.0
affected

5.5.1.6
affected

5.4
affected

5.5
affected

6.1
affected

6.2
affected

6.3
affected

6.4
affected

7.1
affected

References

www.ibm.com/support/docview.wss?uid=swg21998946

cve.org (CVE-2016-8940)

nvd.nist.gov (CVE-2016-8940)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2016-8940

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.