CVE-2015-4927

The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 6.3 before 6.3.6 and 7.1 before 7.1.3 on Linux and AIX uses world-writable permissions for unspecified files, which allows local users to gain privileges by writing to a file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
VendorProductVersion
ibmtivoli_storage_manager
6.3.3
ibmtivoli_storage_manager
6.3.4
ibmtivoli_storage_manager
6.3.5
ibmtivoli_storage_manager
6.3.5.1
ibmtivoli_storage_manager
7.1
ibmtivoli_storage_manager
7.1.1
ibmtivoli_storage_manager
7.1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21969340
http://www.securitytracker.com/id/1034044
http://www-01.ibm.com/support/docview.wss?uid=swg21969340
http://www.securitytracker.com/id/1034044