CVE-2014-4817

Опубликовано: 18 нояб. 2014

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a previously used filename.

Ссылки

http://www-01.ibm.com/support/docview.wss?uid=swg1IT04884
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686874
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/95444
http://www-01.ibm.com/support/docview.wss?uid=swg1IT04884
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686874
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/95444

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:tivoli_storage_manager:5.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.1.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.1.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.1.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.1.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.2.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.2.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.2.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.4.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.4.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.4.3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.4.3.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.4.3.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.4.4.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.5.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.5.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.5.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.5.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.4.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.4.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.2.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.17:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.3.5.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.00152

Низкий

2.1 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-xw73-7wrh-3rgp

github

больше 3 лет назад