nvd-json-data-feeds/CVE-2015/CVE-2015-65xx/CVE-2015-6557.json

{
  "id": "CVE-2015-6557",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2015-08-23T01:59:03.893",
  "lastModified": "2024-11-21T02:35:13.127",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6.1, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 5.5 before 5.5.1.1, 6.1 before 6.1.3.7, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; and Tivoli Storage FlashCopy Manager 3.1 before 3.1.1.5, 3.2 before 3.2.1.7, and 4.1 before 4.1.2, when application tracing is used, place cleartext passwords in exception messages, which allows physically proximate attackers to obtain sensitive information by reading trace output, a different vulnerability than CVE-2015-4949."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server en 5.5 en versiones anteriores a 5.5.6.1, en 6.3 en versiones anteriores a 6.3.1.5, en 6.4 en versiones anteriores a 6.4.1.7 y en 7.1 en versiones anteriores a 7.1.2, Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server en en 5.5 en versiones anteriores a 5.5.1.1, en 6.1 en versiones anteriores a 6.1.3.7, en 6.3 en versiones anteriores a 6.3.1.5, en 6.4 en versiones anteriores a 6.4.1.7 y en 7.1 en versiones anteriores a 7.1.2 y en Tivoli Storage FlashCopy Manager en 3.1 en versiones anteriores a 3.1.1.5, en 3.2 en versiones anteriores a 3.2.1.7 y en 4.1 en versiones anteriores a 4.1.2, cuando se utiliza el rastreo de aplicaciones, colocando las contrase\u00f1as en texto plano en mensajes de excepci\u00f3n, permite a atacantes f\u00edsicamente pr\u00f3ximos obtener informaci\u00f3n sensible mediante la lectura de salida del rastreo, una vulnerabilidad diferente a CVE-2015-4949."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "baseScore": 2.1,
          "accessVector": "LOCAL",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE"
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BC01D70-F51D-4F55-A829-DFE0104AEF79"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD889452-6341-450B-9DF2-261B66A2ABB0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B5B7107-61B4-4B55-A138-7648D35497D5"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "61D1CD20-0895-406E-904A-AC160C288943"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B29338F6-E909-4114-97F9-F71A648AF7AE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B39B501-9095-47D7-B51C-0FF9696905D3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "525876F0-6E63-4AF3-BA34-D6B7D89131AF"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84BAD8C8-87A4-41FA-B480-072363472BBA"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E21B096-464F-4777-9CDD-AD2BB1850C09"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D75A51-F385-4EB3-B4F7-AF133F8A2E5A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAEF9535-ED13-45CF-8CB7-86096E2A0050"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE9E7E8-E64F-4053-811F-F080ADDA8DAC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:5.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C3807F5-F2E0-44B1-AFD6-8752FD578E07"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3216366D-1432-4665-92B8-ABA583B0EB1E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:6.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "130BD434-03FC-4341-83A4-2772CA9C3880"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FFEEDFF-FEB6-4450-AEC0-AB6B8AB2D959"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:6.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A9B5EB6-8448-4D99-846B-F2F27EC5C64E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "907E5E7D-27E2-43A0-89DD-BE9ACD8D662D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A54B90-1899-4B9C-85F3-6F1B8679FA0A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF14229-0D33-4A68-BA72-8F9CB728C1F4"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F40EE915-80D1-429B-A35E-0F415E96ADB3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "44FC12F3-39C7-49FD-BB60-7C21607C77DB"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server:6.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "881ACFC0-4354-448A-A9BB-2F5BB72358C3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server:6.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6978D5-4AF1-48D6-A7D5-E0158F4C8DE3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server:6.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24E7AD18-232C-4996-931F-72545CB38B3A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5124F05-4C0E-422A-8CB3-E93826767ACF"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server:6.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "144ED09E-DE01-450C-84DF-DEFE9E6EE48B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B8D631-0EBE-47AB-AACA-9A0BA1077C1D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server:6.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D76E0E49-1486-4518-BD46-826786BAA937"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B3CB08F-D41F-4441-9078-2C9E68EC2EDD"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DAC6E47-07B3-430C-B7E9-7E185685DD88"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT03480",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963630",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT03480",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963630",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    }
  ]
}