CVE-2010-3760 — IBM Tivoli Storage Manager Fastback vulnerability

3 documents3 sources

Severity

7.8HIGHNVD

CNA5.0

EPSS

0.8%

top 26.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Tivoli Storage Manager Fastback

Timeline

PublishedOct 5

Latest updateMay 17

Description

FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly handle a certain failure to allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash, and recovery failure) by specifying a large size value within TCP packet data. NOTE: this might overlap CVE-2010-3061.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDibm/tivoli_storage_manager_fastback10 versions+9

🔴Vulnerability Details

GHSA

GHSA-xxm7-5wvh-7jr4: FastBackMount↗2022-05-17

▶

CVEList

CVE-2010-3760: FastBackMount↗2010-10-05

▶