CVE-2007-5819

2007-11-0518:00:00

mitre

www.cve.org

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients.

References

secunia.com/advisories/27473

www-1.ibm.com/support/docview.wss?uid=swg1IC54264

www.securityfocus.com/bid/26293

www.vupen.com/english/advisories/2007/3683

exchange.xforce.ibmcloud.com/vulnerabilities/38215