CVE-2015-4927

EUVD-2015-4944
The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 6.3 before 6.3.6 and 7.1 before 7.1.3 on Linux and AIX uses world-writable permissions for unspecified files, which allows local users to gain privileges by writing to a file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Affected Products (NVD)
VendorProductVersion
ibmtivoli_storage_manager
6.3.3
ibmtivoli_storage_manager
6.3.4
ibmtivoli_storage_manager
6.3.5
ibmtivoli_storage_manager
6.3.5.1
ibmtivoli_storage_manager
7.1
ibmtivoli_storage_manager
7.1.1
ibmtivoli_storage_manager
7.1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21969340
http://www.securitytracker.com/id/1034044
http://www-01.ibm.com/support/docview.wss?uid=swg21969340
http://www.securitytracker.com/id/1034044