Symlink Vulnerability in IBM Spectrum Protect
CVE-2016-2894 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging previous use of a symlink during archive and retrieve actions.
Learn more about our User Device Pen Test.