Lucene search

[email protected]NVD:CVE-2016-5934

HistoryFeb 08, 2017 - 10:59 p.m.

CVE-2016-5934

2017-02-0822:59:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0.003

Percentile

70.8%

JSON

IBM Tivoli Storage Manager FastBack installer could allow a remote attacker to execute arbitrary code on the system. By placing a specially-crafted DLL in the victim’s path, an attacker could exploit this vulnerability when the installer is executed to run arbitrary code on the system with privileges of the victim.

Affected configurations

Nvd

Node

ibmtivoli_storage_manager_fastbackdemo

VendorProductVersionCPE
ibmtivoli_storage_manager_fastback*cpe:2.3:a:ibm:tivoli_storage_manager_fastback:*:*:*:*:demo:*:*:*

Vendor	Product	Version	CPE
ibm	tivoli_storage_manager_fastback	*	cpe:2.3:a:ibm:tivoli_storage_manager_fastback:::::demo:::*

References

www.ibm.com/support/docview.wss?uid=swg21988908

www.securityfocus.com/bid/92614

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0.003

Percentile

70.8%

JSON

Related for NVD:CVE-2016-5934

cvelist1 prion1 ibm1 cve1