CVE-2014-4817

The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a previously used filename.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
VendorProductVersion
ibmtivoli_storage_manager
5.1.0
ibmtivoli_storage_manager
5.1.1
ibmtivoli_storage_manager
5.1.5
ibmtivoli_storage_manager
5.1.6
ibmtivoli_storage_manager
5.1.7
ibmtivoli_storage_manager
5.1.8
ibmtivoli_storage_manager
5.1.9
ibmtivoli_storage_manager
5.1.10
ibmtivoli_storage_manager
5.2
ibmtivoli_storage_manager
5.2.0
ibmtivoli_storage_manager
5.2.1
ibmtivoli_storage_manager
5.2.2
ibmtivoli_storage_manager
5.2.4
ibmtivoli_storage_manager
5.2.5.1
ibmtivoli_storage_manager
5.2.5.2
ibmtivoli_storage_manager
5.2.5.3
ibmtivoli_storage_manager
5.2.7
ibmtivoli_storage_manager
5.2.8
ibmtivoli_storage_manager
5.2.9
ibmtivoli_storage_manager
5.3
ibmtivoli_storage_manager
5.3.0
ibmtivoli_storage_manager
5.3.1
ibmtivoli_storage_manager
5.3.2
ibmtivoli_storage_manager
5.3.2.4
ibmtivoli_storage_manager
5.3.3
ibmtivoli_storage_manager
5.3.4
ibmtivoli_storage_manager
5.3.5.1
ibmtivoli_storage_manager
5.3.6.1
ibmtivoli_storage_manager
5.3.6.2
ibmtivoli_storage_manager
5.3.6.3
ibmtivoli_storage_manager
5.3.6.4
ibmtivoli_storage_manager
5.3.6.5
ibmtivoli_storage_manager
5.3.6.6
ibmtivoli_storage_manager
5.4
ibmtivoli_storage_manager
5.4.0
ibmtivoli_storage_manager
5.4.1
ibmtivoli_storage_manager
5.4.2
ibmtivoli_storage_manager
5.4.2.2
ibmtivoli_storage_manager
5.4.2.3
ibmtivoli_storage_manager
5.4.2.4
ibmtivoli_storage_manager
5.4.3.0
ibmtivoli_storage_manager
5.4.3.2
ibmtivoli_storage_manager
5.4.3.3
ibmtivoli_storage_manager
5.4.4.0
ibmtivoli_storage_manager
5.5.0
ibmtivoli_storage_manager
5.5.1
ibmtivoli_storage_manager
5.5.2
ibmtivoli_storage_manager
5.5.3
ibmtivoli_storage_manager
5.5.4
ibmtivoli_storage_manager
5.5.4.1
ibmtivoli_storage_manager
6.0
ibmtivoli_storage_manager
6.1.0
ibmtivoli_storage_manager
6.1.1
ibmtivoli_storage_manager
6.1.2
ibmtivoli_storage_manager
6.1.3
ibmtivoli_storage_manager
6.1.4
ibmtivoli_storage_manager
6.1.5
ibmtivoli_storage_manager
6.1.5.4
ibmtivoli_storage_manager
6.2.0
ibmtivoli_storage_manager
6.2.0.0
ibmtivoli_storage_manager
6.2.1
ibmtivoli_storage_manager
6.2.2
ibmtivoli_storage_manager
6.2.3
ibmtivoli_storage_manager
6.2.4
ibmtivoli_storage_manager
6.2.4.4
ibmtivoli_storage_manager
6.2.4.7
ibmtivoli_storage_manager
6.2.6
ibmtivoli_storage_manager
6.2.7
ibmtivoli_storage_manager
6.3.0
ibmtivoli_storage_manager
6.3.0.0
ibmtivoli_storage_manager
6.3.0.1
ibmtivoli_storage_manager
6.3.0.17
ibmtivoli_storage_manager
6.3.1
ibmtivoli_storage_manager
6.3.2
ibmtivoli_storage_manager
6.3.2.1
ibmtivoli_storage_manager
6.3.3
ibmtivoli_storage_manager
6.3.4
ibmtivoli_storage_manager
6.3.5
ibmtivoli_storage_manager
6.3.5.1
ibmtivoli_storage_manager
6.4.0
ibmtivoli_storage_manager
6.4.0.0
ibmtivoli_storage_manager
6.4.1
ibmtivoli_storage_manager
6.4.2
ibmtivoli_storage_manager
7.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1IT04884
http://www-01.ibm.com/support/docview.wss?uid=swg21686874
https://exchange.xforce.ibmcloud.com/vulnerabilities/95444
http://www-01.ibm.com/support/docview.wss?uid=swg1IT04884
http://www-01.ibm.com/support/docview.wss?uid=swg21686874
https://exchange.xforce.ibmcloud.com/vulnerabilities/95444