CVE-2014-4817IBM Tivoli Storage Manager vulnerability

CWE-2643 documents3 sources
Severity
2.1LOWNVD
EPSS
0.2%
top 64.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Tivoli Storage Manager
Timeline
PublishedNov 18
Latest updateMay 17

Description

The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a previously used filename.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDibm/tivoli_storage_manager84 versions+83

🔴Vulnerability Details

2
GHSA
GHSA-xw73-7wrh-3rgp: The server in IBM Tivoli Storage Manager (TSM) 52022-05-17
CVEList
CVE-2014-4817: The server in IBM Tivoli Storage Manager (TSM) 52014-11-18
CVE-2014-4817 — IBM vulnerability | cvebase