Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2015-4950
HistoryAug 23, 2015 - 2:59 p.m.

CVE-2015-4950

2015-08-2314:59:01
CWE-200
[email protected]
web.nvd.nist.gov
18
ibm
tivoli storage manager
mailbox-restore
data protection
microsoft exchange server
vulnerability

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

5.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.3%

JSON

The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 6.1 before 6.1.3.6, 6.3 before 6.3.1.3, 6.4 before 6.4.1.4, and 7.1 before 7.1.0.2; Tivoli Storage FlashCopy Manager: FlashCopy Manager for Microsoft Exchange Server 2.1, 2.2, 3.1 before 3.1.1.5, 3.2 before 3.2.1.7, and 4.1 before 4.1.1; and Tivoli Storage Manager FastBack for Microsoft Exchange 6.1 before 6.1.5.4 does not ensure that the correct mailbox is selected, which allows remote authenticated users to obtain sensitive information via a duplicate alias name.

Affected configurations

NVD
Node
ibmtivoli_storage_fastback_for_microsoft_exchangeMatch6.1
OR
ibmtivoli_storage_flashcopy_manager_for_microsoft_exchange_serverMatch2.1
OR
ibmtivoli_storage_flashcopy_manager_for_microsoft_exchange_serverMatch2.2
OR
ibmtivoli_storage_flashcopy_manager_for_microsoft_exchange_serverMatch3.1
OR
ibmtivoli_storage_flashcopy_manager_for_microsoft_exchange_serverMatch3.2
OR
ibmtivoli_storage_flashcopy_manager_for_microsoft_exchange_serverMatch4.1
OR
ibmtivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serverMatch6.1
OR
ibmtivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serverMatch6.1.1
OR
ibmtivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serverMatch6.1.2
OR
ibmtivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serverMatch6.1.3
OR
ibmtivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serverMatch6.3
OR
ibmtivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serverMatch6.3.1
OR
ibmtivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serverMatch6.4
OR
ibmtivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serverMatch6.4.1
OR
ibmtivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serverMatch7.1
CPENameOperatorVersion
ibm:tivoli_storage_fastback_for_microsoft_exchangeibm tivoli storage fastback for microsoft exchangeeq6.1
ibm:tivoli_storage_flashcopy_manager_for_microsoft_exchange_serveribm tivoli storage flashcopy manager for microsoft exchange servereq2.1
ibm:tivoli_storage_flashcopy_manager_for_microsoft_exchange_serveribm tivoli storage flashcopy manager for microsoft exchange servereq2.2
ibm:tivoli_storage_flashcopy_manager_for_microsoft_exchange_serveribm tivoli storage flashcopy manager for microsoft exchange servereq3.1
ibm:tivoli_storage_flashcopy_manager_for_microsoft_exchange_serveribm tivoli storage flashcopy manager for microsoft exchange servereq3.2
ibm:tivoli_storage_flashcopy_manager_for_microsoft_exchange_serveribm tivoli storage flashcopy manager for microsoft exchange servereq4.1
ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serveribm tivoli storage manager for mail data protection for microsoft exchange servereq6.1
ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serveribm tivoli storage manager for mail data protection for microsoft exchange servereq6.1.1
ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serveribm tivoli storage manager for mail data protection for microsoft exchange servereq6.1.2
ibm:tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_serveribm tivoli storage manager for mail data protection for microsoft exchange servereq6.1.3
Rows per page:
1-10 of 151

Related

ibm 1
prion 1
cvelist 1
nvd 1
ibm
ibm
Security Bulletin: Confidential data exposure when restoring Microsoft Exchange mailboxes which have the same alias defined CVE-2015-4950
2018-06-17 15:07:33
prion
prion
Design/Logic Flaw
2015-08-23 14:59:00
cvelist
cvelist
CVE-2015-4950
2015-08-23 14:00:00
nvd
nvd
CVE-2015-4950
2015-08-23 14:59:01

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

5.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.3%

JSON
Related for CVE-2015-4950
ibm1prion1cvelist1nvd1