PatchSiren

PatchSiren cyber security CVE debrief

CVE-2016-6034 IBM CVE debrief

CVE-2016-6034 is a credential-disclosure issue in IBM Tivoli Storage Manager for Virtual Environments (Data Protection for VMware). According to the NVD record, a user with high privileges could be exposed to Windows domain credentials. IBM’s advisory is listed as the vendor reference for patch guidance.

Vendor: IBM
Product: CVE-2016-6034
CVSS: MEDIUM 6.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-01
Original CVE updated: 2026-05-13
Advisory published: 2017-02-01
Advisory updated: 2026-05-13

Who should care

IBM Tivoli Storage Manager for Virtual Environments / Data Protection for VMware administrators, especially teams that manage privileged access, backup infrastructure, and Windows domain credentials.

Technical summary

NVD classifies this as CVSS 3.0 AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N with CWE-200. The affected CPEs in the supplied record include IBM Tivoli Storage Manager for Virtual Environments Data Protection for VMware versions 7.1.3, 7.1.4, 7.1.4.0, 7.1.6, 7.1.6.2, and 7.1.6.3. The issue is described as potential disclosure of Windows domain credentials to a user with a high level of privileges.

Defensive priority

Medium

Recommended defensive actions

  • Check whether any deployed IBM Tivoli Storage Manager for Virtual Environments / Data Protection for VMware instances match the affected CPE versions listed in the NVD record.
  • Apply IBM’s vendor patch or remediation guidance referenced in the IBM advisory linked from NVD.
  • Review privileged-access controls around the product, since exploitation requires a user with high privileges.
  • Audit where Windows domain credentials are stored or exposed by the backup environment and confirm they are not accessible to unauthorized privileged users.
  • Use the NVD record and IBM advisory as the authoritative source for remediation status and version-specific guidance.

Evidence notes

All facts in this debrief are taken from the supplied NVD metadata and its referenced IBM vendor advisory link. The supplied record identifies the weakness as CWE-200 and provides the CVSS 3.0 vector AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N. The record also lists the affected IBM VMware-related versions and the IBM support document as the patch/vendor reference.

Official resources

Publicly disclosed in the NVD record on 2017-02-01; the supplied NVD metadata was last modified on 2026-05-13. The issue itself should be dated to the CVE/NVD publication timeline, not the later modification date.