PatchSiren

PatchSiren cyber security CVE debrief

CVE-2016-6110 IBM CVE debrief

CVE-2016-6110 describes a credential-disclosure issue in IBM Tivoli Storage Manager and IBM Tivoli Storage Manager for Virtual Environments Data Protection for VMware. According to NVD, a local user could obtain unencrypted login credentials for VMware vCenter. The issue is scored medium overall, with high confidentiality impact and no direct integrity or availability impact.

Vendor: IBM
Product: CVE-2016-6110
CVSS: MEDIUM 6.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-01
Original CVE updated: 2026-05-13
Advisory published: 2017-02-01
Advisory updated: 2026-05-13

Who should care

Administrators running IBM Tivoli Storage Manager or Tivoli Storage Manager for Virtual Environments Data Protection for VMware, especially on systems where local users may have access, should treat this as a credential exposure risk affecting VMware vCenter authentication.

Technical summary

NVD maps the vulnerability to IBM Tivoli Storage Manager versions up to 7.1.6.3 and the Data Protection for VMware component up to 7.1.6.3, with a separate 7.1.0.0 CPE entry also marked vulnerable. The CVSS vector is CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N, and NVD lists CWE-255. The core issue is that login credentials for VMware vCenter may be stored or handled in unencrypted form, so that a local user could retrieve them.

Defensive priority

Medium. The issue requires local access, but the exposure is sensitive because it can reveal vCenter credentials and enable follow-on access outside the affected host.

Recommended defensive actions

  • Review the IBM PSIRT advisory and apply the vendor patch or update referenced for CVE-2016-6110.
  • Restrict local access on affected systems to reduce the chance that a local user can obtain exposed credentials.
  • Audit any VMware vCenter credentials used by the affected IBM components and rotate them if exposure is suspected.
  • Verify whether your environment uses the Tivoli Storage Manager for Virtual Environments Data Protection for VMware component and compare installed versions against the affected CPE ranges in NVD.
  • Monitor for unexpected use of VMware vCenter credentials associated with the affected backup or virtualization management workflow.

Evidence notes

All substantive facts are drawn from the supplied NVD CVE record and linked IBM/third-party references. NVD describes the issue as unencrypted login credentials to VMware vCenter that could be obtained by a local user, assigns CVSS 3.0 AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N, and lists CWE-255. The supplied references include the IBM PSIRT advisory (ref-4) and SecurityFocus BID 95306 (ref-5). The published date used here is the CVE record publication date, 2017-02-01T22:59:00.667Z; the modified date is 2026-05-13T00:24:29.033Z.

Official resources

Publicly disclosed in the CVE record on 2017-02-01, with IBM vendor advisory and NVD references available in the source corpus. The record was later modified on 2026-05-13.