CVE-2013-5371IBM Tivoli Storage Manager vulnerability

CWE-2643 documents3 sources
Severity
2.1LOWNVD
EPSS
0.0%
top 87.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Tivoli Storage Manager
Timeline
PublishedJan 23
Latest updateMay 17

Description

The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDibm/tivoli_storage_manager6.3.1, 6.4.0+1

🔴Vulnerability Details

2
GHSA
GHSA-8w93-h4wx-3pgr: The client in IBM Tivoli Storage Manager (TSM) 62022-05-17
CVEList
CVE-2013-5371: The client in IBM Tivoli Storage Manager (TSM) 62014-01-23
CVE-2013-5371 — IBM vulnerability | cvebase