Lucene search

K
cve[email protected]CVE-2008-4801
HistoryOct 31, 2008 - 12:00 a.m.

CVE-2008-4801

2008-10-3100:00:00
CWE-119
web.nvd.nist.gov
22
ibm
tivoli
storage manager
buffer overflow
cve-2008-4801
security vulnerability

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.135 Low

EPSS

Percentile

95.6%

Heap-based buffer overflow in the Data Protection for SQL CAD service (aka dsmcat.exe) in the Client Acceptor Daemon (CAD) and the scheduler in the Backup-Archive client 5.1.0.0 through 5.1.8.1, 5.2.0.0 through 5.2.5.2, 5.3.0.0 through 5.3.6.1, 5.4.0.0 through 5.4.2.2, and 5.5.0.0 through 5.5.0.91 in IBM Tivoli Storage Manager (TSM); and the Backup-Archive client in TSM Express; allows remote attackers to execute arbitrary code by sending a large amount of crafted data to a TCP port.

Affected configurations

NVD
Node
ibmtivoli_storage_manager_clientRange5.15.1.8.1
OR
ibmtivoli_storage_manager_clientRange5.25.2.5.2
OR
ibmtivoli_storage_manager_clientRange5.35.3.6.1
OR
ibmtivoli_storage_manager_clientRange5.45.4.2.2
OR
ibmtivoli_storage_manager_clientRange5.5.0.05.5.0.91
OR
ibmtivoli_storage_manager_express

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.135 Low

EPSS

Percentile

95.6%

Related for CVE-2008-4801