CVE-2013-6714 — IBM Tivoli Storage Flashcopy Manager vulnerability

CWE-2643 documents3 sources

Severity

4.1MEDIUMNVD

EPSS

0.1%

top 84.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Tivoli Storage Flashcopy Manager

Timeline

PublishedMay 26

Latest updateMay 17

Description

The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0.1 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (data overwrite or disk consumption) via unspecified GUI actions.

CVSS vector

AV:L/AC:M/C:P/I:P/A:PExploitability: 2.7 | Impact: 6.4

Affected Packages1 packages

▶NVDibm/tivoli_storage_flashcopy_manager6 versions+5

🔴Vulnerability Details

GHSA

GHSA-vmh9-5h46-hj5w: The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3↗2022-05-17

▶

CVEList

CVE-2013-6714: The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3↗2014-05-26

▶