CVE-2015-4927

CWE-2643 documents3 sources
Severity
7.2HIGH
EPSS
0.0%
top 89.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Tivoli Storage Manager
Timeline
PublishedNov 4
Latest updateMay 17

Description

The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 6.3 before 6.3.6 and 7.1 before 7.1.3 on Linux and AIX uses world-writable permissions for unspecified files, which allows local users to gain privileges by writing to a file.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDibm/tivoli_storage_manager7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-353h-m44v-j273: The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 62022-05-17
CVEList
CVE-2015-4927: The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 62015-11-04
CVE-2015-4927 (HIGH CVSS 7.2) | The Reporting and Monitoring compon | cvebase.io