CVE-2014-6184

2015-02-2202:59:00

CWE-787

[email protected]

web.nvd.nist.gov

cve-2014-6184

stack-based buffer overflow

ibm

tivoli

storage manager

nvd

unix

linux

os x

privilege escalation

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Stack-based buffer overflow in dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4 through 5.4.3.6, 5.5 through 5.5.4.3, 6.1 through 6.1.5.6, 6.2 before 6.2.5.4, and 6.3 before 6.3.2.3 on UNIX, Linux, and OS X allows local users to gain privileges via unspecified vectors.

Affected configurations

NVD

Node

ibmtivoli_storage_managerRange5.4.0–5.4.3.6

ibmtivoli_storage_managerRange5.5.0–5.5.4.3

ibmtivoli_storage_managerRange6.1.0–6.1.5.6

ibmtivoli_storage_managerRange6.2.0–6.2.5.3

ibmtivoli_storage_managerRange6.3.0–6.3.2.2

AND

applemacosMatch-

linuxlinux_kernelMatch-

opengroupunixMatch-

CPENameOperatorVersion
ibm:tivoli_storage_manageribm tivoli storage managerle5.4.3.6
ibm:tivoli_storage_manageribm tivoli storage managerle5.5.4.3
ibm:tivoli_storage_manageribm tivoli storage managerle6.1.5.6
ibm:tivoli_storage_manageribm tivoli storage managerle6.2.5.3
ibm:tivoli_storage_manageribm tivoli storage managerle6.3.2.2

CPE	Name	Operator	Version
ibm:tivoli_storage_manager	ibm tivoli storage manager	le	5.4.3.6
ibm:tivoli_storage_manager	ibm tivoli storage manager	le	5.5.4.3
ibm:tivoli_storage_manager	ibm tivoli storage manager	le	6.1.5.6
ibm:tivoli_storage_manager	ibm tivoli storage manager	le	6.2.5.3
ibm:tivoli_storage_manager	ibm tivoli storage manager	le	6.3.2.2