CVE-2015-8522

Опубликовано: 05 апр. 2016

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8520, and CVE-2015-8521.

Ссылки

http://www-01.ibm.com/support/docview.wss?uid=swg21975536
Vendor Advisory
http://www.securityfocus.com/bid/84163
http://www-01.ibm.com/support/docview.wss?uid=swg21975536
Vendor Advisory
http://www.securityfocus.com/bid/84163

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.5.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.6.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.6.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.7.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.7.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.9.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.9.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.10.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.10.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.11.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.11.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.12:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.12.1:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.08911

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-89gf-jgjg-8hj9

CVSS3: 9.8

github

больше 3 лет назад

BDU:2016-00947

fstec

почти 10 лет назад

Уязвимость программы управления хранением данных IBM Tivoli Storage Manager FastBack, позволяющая нарушителю выполнить произвольный код