Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistIbmCVELIST:CVE-2017-1301
HistoryOct 02, 2017 - 12:00 a.m.

CVE-2017-1301

2017-10-0200:00:00
ibm
www.cve.org

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM Spectrum Protect Backup-archive Client creates temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. IBM X-Force ID: 125163.

CNA Affected

[
  {
    "product": "Spectrum Protect",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.1"
      },
      {
        "status": "affected",
        "version": "8.1"
      }
    ]
  }
]

Related

prion 1
cve 1
ibm 1
nvd 1
prion
prion
Code injection
2017-10-05 17:29:00
cve
cve
CVE-2017-1301
2017-10-05 17:29:00
ibm
ibm
Security Bulletin: IBM Spectrum Protect (formerly Tivoli Storage Manager) Unix Clients are vulnerable to unauthorized access to files by non-privileged users (CVE-2017-1301)
2019-02-07 23:00:01
nvd
nvd
CVE-2017-1301
2017-10-05 17:29:00

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CVELIST:CVE-2017-1301
prion1cve1ibm1nvd1