PatchSiren cyber security CVE debrief

CVE-2016-6044 IBM CVE debrief

CVE-2016-6044 is a medium-severity access-control issue in IBM Tivoli Storage Manager Operations Center. According to the NVD record, an authenticated attacker could enable or disable the application's REST API, which may let them bypass intended operational policy boundaries. The NVD record, published on 2017-02-01, includes references to the IBM PSIRT advisory.

Vendor: IBM
Product: CVE-2016-6044
CVSS: MEDIUM 4.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-01
Original CVE updated: 2026-05-13
Advisory published: 2017-02-01
Advisory updated: 2026-05-13

Who should care

IBM Tivoli Storage Manager administrators, backup/storage platform owners, and security teams responsible for controlling administrative access to the Operations Center and its REST API. Environments that rely on the REST API being consistently enabled or disabled by policy should treat this as a configuration-integrity issue.

Technical summary

NVD maps this issue to CWE-284 (Improper Access Control). The CVSS v3.0 vector is AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N: the issue is reachable over the network, requires only low privileges and no user interaction, does not change scope, and affects integrity to a limited degree with no confidentiality or availability impact. The vulnerable scope in NVD covers the IBM Tivoli Storage Manager releases enumerated in the record, such as the 6.4.1 through 7.1.7 variants. The core behavior described is that an authenticated attacker can toggle the REST API state, potentially undermining security policy or administrative controls.

Defensive priority

Medium. The flaw requires authenticated access and the impact described by NVD is limited, but it directly affects control over a management API and can violate security policy. Prioritize it if the REST API is used in restricted or audited configurations, or if multiple administrators or delegated operators have access.

Recommended defensive actions

  • Apply the IBM-provided update or remediation referenced in the vendor advisory linked from the NVD record.
  • Review who has authenticated administrative access to IBM Tivoli Storage Manager Operations Center and remove unnecessary privileges.
  • Verify the REST API is configured to the intended policy state after remediation and during routine change control.
  • Monitor audit and system logs for unexpected changes to REST API enablement or disablement.
  • If available in your environment, restrict administrative access to trusted hosts and management networks.

Evidence notes

This debrief is based only on the supplied NVD CVE record and linked references. The NVD entry for CVE-2016-6044 states that an authenticated attacker could enable or disable the application's REST API and lists CWE-284. The record also includes IBM PSIRT advisory and SecurityFocus references, and enumerates affected IBM Tivoli Storage Manager versions in the CPE criteria. No exploit details or unverified remediation steps are included.

Official resources

Publicly disclosed in the NVD record on 2017-02-01; the supplied 2026-05-13 modified timestamp reflects record maintenance, not the original vulnerability date.