CVE-2016-2988

HIGH Year: 2016
CVSS v3 Score
8.5
High
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-264
View all →

Vulnerability Description

IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.4.x before 6.4.3.4 and 7.1.x before 7.1.6 allows remote authenticated users to bypass a TSM credential requirement and obtain administrative access by leveraging multiple simultaneous logins.

Related Vulnerabilities

CVE-2016-7462

HIGH
CVSS:8.5(High)

The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a rela...

CWE-2642016

CVE-2013-1340

HIGH
CVSS:8.4(High)

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012...

CWE-2642013

CVE-2015-6850

HIGH
CVSS:8.4(High)

EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5.5 before Patch 1 has a default password for the root account, which allows local users to gain privileges by leveraging a login session.

CWE-2642015

CVE-2015-6860

HIGH
CVSS:8.4(High)

HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6859.

CWE-2642015

CVE-2015-7430

HIGH
CVSS:8.4(High)

The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for IBM Spectrum Scale and General Parallel File System (GPFS) allows local users to read or write to arbitrary GPFS data via unspecifi...

CWE-2642015

CVE-2015-8279

HIGH
CVSS:8.6(High)

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script.

CWE-2642015