CVE-2013-6335

The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.3 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
VendorProductVersion
ibmtivoli_storage_manager
5.1 ≤
𝑥
< 6.2.5.3
ibmtivoli_storage_manager
6.3.0 ≤
𝑥
< 6.3.2
ibmtivoli_storage_manager
6.4.0 ≤
𝑥
< 6.4.2
ibmtivoli_storage_manager
7.1.0.0 ≤
𝑥
< 7.1.0.3
ibmtivoli_storage_manager
5.1 ≤
𝑥
< 6.1.5.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/60482
http://www-01.ibm.com/support/docview.wss?uid=swg1IC96095
http://www-01.ibm.com/support/docview.wss?uid=swg21680453
https://exchange.xforce.ibmcloud.com/vulnerabilities/89054
http://secunia.com/advisories/60482
http://www-01.ibm.com/support/docview.wss?uid=swg1IC96095
http://www-01.ibm.com/support/docview.wss?uid=swg21680453
https://exchange.xforce.ibmcloud.com/vulnerabilities/89054