CVE-2009-3855

EUVD-2009-3826
Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
Affected Products (NVD)
VendorProductVersion
ibmtivoli_storage_manager
5.2.5.3
ibmtivoli_storage_manager
5.3
ibmtivoli_storage_manager
5.3.0
ibmtivoli_storage_manager
5.3.1
ibmtivoli_storage_manager
5.3.2
ibmtivoli_storage_manager
5.3.2.4
ibmtivoli_storage_manager
5.3.3
ibmtivoli_storage_manager
5.3.4
ibmtivoli_storage_manager
5.3.5.1
ibmtivoli_storage_manager
5.3.6.1
ibmtivoli_storage_manager
5.3.6.2
ibmtivoli_storage_manager
5.3.6.3
ibmtivoli_storage_manager
5.3.6.4
ibmtivoli_storage_manager
5.3.6.5
ibmtivoli_storage_manager
5.4.0
ibmtivoli_storage_manager
5.4.1
ibmtivoli_storage_manager
5.5.0
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/32534
http://www-01.ibm.com/support/docview.wss?uid=swg1IC54489
http://www-01.ibm.com/support/docview.wss?uid=swg21405562
http://www.vupen.com/english/advisories/2009/3132
http://secunia.com/advisories/32534
http://www-01.ibm.com/support/docview.wss?uid=swg1IC54489
http://www-01.ibm.com/support/docview.wss?uid=swg21405562
http://www.vupen.com/english/advisories/2009/3132