Vulnerability Description
IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Continuous Data Protection For Files | 3.1.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/27473Vendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC54264
- http://www.securityfocus.com/bid/26293
- http://www.vupen.com/english/advisories/2007/3683
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38215
- http://secunia.com/advisories/27473Vendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC54264
- http://www.securityfocus.com/bid/26293
- http://www.vupen.com/english/advisories/2007/3683
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38215
FAQ
What is CVE-2007-5819?
CVE-2007-5819 is a vulnerability with a CVSS score of 2.1 (LOW). IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary file...
How severe is CVE-2007-5819?
CVE-2007-5819 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5819?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Continuous Data Protection For Files.