IBMDE65C81ED357B14515B50D0B45A2375F488C9E52522931BCCF765F790F463BB3Security Bulletin: IBM Tivoli Storage Manager FastBack Mount Buffer Overflow (CVE-2015-0120)
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.827 High
EPSS
Percentile
98.4%
Summary
IBM Tivoli Storage Manager FastBack Mount might be vulnerable to buffer overflow from the network or local machine.
Vulnerability Details
CVEID: CVE-2015-0120
DESCRIPTION:
The Mount from IBM Tivoli Storage Manager FastBack 6.1.11 and earlier versions might be vulnerable to buffer overflow from the network when a FastBack Mount port is open or from the local host.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/100418> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Affected Products and Versions
IBM Tivoli Storage Manager FastBack: 6.1.11 and earlier
Remediation/Fixes
_FastBack Release _
| First Fixing
VRMF Level| Platfom| APAR| Link to fix
—|—|—|—|—
6.1 | 6.1.11.1| Windows| None| http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Tivoli+Storage+Manager+FastBack&fixids=6.1.11.1-TIV-TSMFB-FP001&source=SAR
Workarounds and Mitigations
None
Affected configurations
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.827 High
EPSS
Percentile
98.4%