Lucene search
HistoryNov 18, 2014 - 11:59 p.m.
CVE-2014-4817
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.002
Percentile
53.0%
The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a previously used filename.
Affected configurations
Node
ibmtivoli_storage_managerMatch5.1.0
ORibmtivoli_storage_managerMatch5.1.1
ORibmtivoli_storage_managerMatch5.1.5
ORibmtivoli_storage_managerMatch5.1.6
ORibmtivoli_storage_managerMatch5.1.7
ORibmtivoli_storage_managerMatch5.1.8
ORibmtivoli_storage_managerMatch5.1.9
ORibmtivoli_storage_managerMatch5.1.10
ORibmtivoli_storage_managerMatch5.2
ORibmtivoli_storage_managerMatch5.2.0
ORibmtivoli_storage_managerMatch5.2.1
ORibmtivoli_storage_managerMatch5.2.2
ORibmtivoli_storage_managerMatch5.2.4
ORibmtivoli_storage_managerMatch5.2.5.1
ORibmtivoli_storage_managerMatch5.2.5.2
ORibmtivoli_storage_managerMatch5.2.5.3
ORibmtivoli_storage_managerMatch5.2.7
ORibmtivoli_storage_managerMatch5.2.8
ORibmtivoli_storage_managerMatch5.2.9
ORibmtivoli_storage_managerMatch5.3
ORibmtivoli_storage_managerMatch5.3.0
ORibmtivoli_storage_managerMatch5.3.1
ORibmtivoli_storage_managerMatch5.3.2
ORibmtivoli_storage_managerMatch5.3.2.4
ORibmtivoli_storage_managerMatch5.3.3
ORibmtivoli_storage_managerMatch5.3.4
ORibmtivoli_storage_managerMatch5.3.5.1
ORibmtivoli_storage_managerMatch5.3.6.1
ORibmtivoli_storage_managerMatch5.3.6.2
ORibmtivoli_storage_managerMatch5.3.6.3
ORibmtivoli_storage_managerMatch5.3.6.4
ORibmtivoli_storage_managerMatch5.3.6.5
ORibmtivoli_storage_managerMatch5.3.6.6
ORibmtivoli_storage_managerMatch5.4
ORibmtivoli_storage_managerMatch5.4.0
ORibmtivoli_storage_managerMatch5.4.1
ORibmtivoli_storage_managerMatch5.4.2
ORibmtivoli_storage_managerMatch5.4.2.2
ORibmtivoli_storage_managerMatch5.4.2.3
ORibmtivoli_storage_managerMatch5.4.2.4
ORibmtivoli_storage_managerMatch5.4.3.0
ORibmtivoli_storage_managerMatch5.4.3.2
ORibmtivoli_storage_managerMatch5.4.3.3
ORibmtivoli_storage_managerMatch5.4.4.0
ORibmtivoli_storage_managerMatch5.5.0
ORibmtivoli_storage_managerMatch5.5.1
ORibmtivoli_storage_managerMatch5.5.2
ORibmtivoli_storage_managerMatch5.5.3
ORibmtivoli_storage_managerMatch5.5.4
ORibmtivoli_storage_managerMatch5.5.4.1
ORibmtivoli_storage_managerMatch6.0
ORibmtivoli_storage_managerMatch6.1.0
ORibmtivoli_storage_managerMatch6.1.1
ORibmtivoli_storage_managerMatch6.1.2
ORibmtivoli_storage_managerMatch6.1.3
ORibmtivoli_storage_managerMatch6.1.4
ORibmtivoli_storage_managerMatch6.1.5
ORibmtivoli_storage_managerMatch6.1.5.4
ORibmtivoli_storage_managerMatch6.2.0
ORibmtivoli_storage_managerMatch6.2.0.0
ORibmtivoli_storage_managerMatch6.2.1
ORibmtivoli_storage_managerMatch6.2.2
ORibmtivoli_storage_managerMatch6.2.3
ORibmtivoli_storage_managerMatch6.2.4
ORibmtivoli_storage_managerMatch6.2.4.4
ORibmtivoli_storage_managerMatch6.2.4.7
ORibmtivoli_storage_managerMatch6.2.6
ORibmtivoli_storage_managerMatch6.2.7
ORibmtivoli_storage_managerMatch6.3.0
ORibmtivoli_storage_managerMatch6.3.0.0
ORibmtivoli_storage_managerMatch6.3.0.1
ORibmtivoli_storage_managerMatch6.3.0.17
ORibmtivoli_storage_managerMatch6.3.1
ORibmtivoli_storage_managerMatch6.3.2
ORibmtivoli_storage_managerMatch6.3.2.1
ORibmtivoli_storage_managerMatch6.3.3
ORibmtivoli_storage_managerMatch6.3.4
ORibmtivoli_storage_managerMatch6.3.5
ORibmtivoli_storage_managerMatch6.3.5.1
ORibmtivoli_storage_managerMatch6.4.0
ORibmtivoli_storage_managerMatch6.4.0.0
ORibmtivoli_storage_managerMatch6.4.1
ORibmtivoli_storage_managerMatch6.4.2
ORibmtivoli_storage_managerMatch7.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | tivoli_storage_manager | 5.1.0 | cpe:2.3:a:ibm:tivoli_storage_manager:5.1.0:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.1.1 | cpe:2.3:a:ibm:tivoli_storage_manager:5.1.1:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.1.5 | cpe:2.3:a:ibm:tivoli_storage_manager:5.1.5:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.1.6 | cpe:2.3:a:ibm:tivoli_storage_manager:5.1.6:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.1.7 | cpe:2.3:a:ibm:tivoli_storage_manager:5.1.7:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.1.8 | cpe:2.3:a:ibm:tivoli_storage_manager:5.1.8:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.1.9 | cpe:2.3:a:ibm:tivoli_storage_manager:5.1.9:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.1.10 | cpe:2.3:a:ibm:tivoli_storage_manager:5.1.10:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.2 | cpe:2.3:a:ibm:tivoli_storage_manager:5.2:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.2.0 | cpe:2.3:a:ibm:tivoli_storage_manager:5.2.0:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2014-4817
2014-11-18 23:59:00
prion
prion
Design/Logic Flaw
2014-11-18 23:59:00
nessus
nessus
Tivoli Storage Manager Server Unauthorized Backup File Displacement
2015-02-24 00:00:00
cvelist
cvelist
CVE-2014-4817
2014-11-18 23:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.002
Percentile
53.0%
Related for NVD:CVE-2014-4817