Vulnerability Description
The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does not require credentials to observe the server console in some circumstances, which allows remote authenticated administrators to monitor server operations by establishing a console mode session, related to "session exposure."
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Storage Manager | 5.1.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/34498Vendor Advisory
- http://securitytracker.com/id?1021947
- http://www-01.ibm.com/support/docview.wss?uid=swg21375360
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC37554Vendor Advisory
- http://www.securityfocus.com/bid/34285
- http://www.vupen.com/english/advisories/2009/0881Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49536
- http://secunia.com/advisories/34498Vendor Advisory
- http://securitytracker.com/id?1021947
- http://www-01.ibm.com/support/docview.wss?uid=swg21375360
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC37554Vendor Advisory
- http://www.securityfocus.com/bid/34285
- http://www.vupen.com/english/advisories/2009/0881Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49536
FAQ
What is CVE-2003-1570?
CVE-2003-1570 is a vulnerability with a CVSS score of 3.5 (LOW). The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does not require credentials to observe the server console in some circumstances, which allows remote aut...
How severe is CVE-2003-1570?
CVE-2003-1570 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1570?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Storage Manager.