CVE-2013-6714

The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0.1 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (data overwrite or disk consumption) via unspecified GUI actions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.1 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:S/C:P/I:P/A:P
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
ibmtivoli_storage_flashcopy_manager
3.1.0
ibmtivoli_storage_flashcopy_manager
3.1.1
ibmtivoli_storage_flashcopy_manager
3.2.0
ibmtivoli_storage_flashcopy_manager
3.2.1
ibmtivoli_storage_flashcopy_manager
4.1.0
ibmtivoli_storage_flashcopy_manager
4.1.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21673045
https://exchange.xforce.ibmcloud.com/vulnerabilities/89057
http://www-01.ibm.com/support/docview.wss?uid=swg21673045
https://exchange.xforce.ibmcloud.com/vulnerabilities/89057