CVE-2015-7426

CRITICAL

IBM Tivoli Storage Manager <7.1.3.0 & Spectrum Protect Snapshot <4....

Title source: llm
STIX 2.1

Description

The Data Protection extension in the VMware GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 7.1 before 7.1.3.0 and Tivoli Storage FlashCopy Manager for VMware (aka Spectrum Protect Snapshot) 4.1 before 4.1.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21971484

Scores

CVSS v3 10.0
EPSS 0.0252
EPSS Percentile 82.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (2)
ibm/spectrum_protect_for_virtual_environments 7.1
ibm/spectrum_protect_snapshot 4.1
Published Jan 02, 2016
Tracked Since Feb 18, 2026