Vulnerability Description
The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Storage Manager | 6.3.1 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC92933Vendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg21662608Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86661
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC92933Vendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg21662608Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86661
FAQ
What is CVE-2013-5371?
CVE-2013-5371 is a vulnerability with a CVSS score of 2.1 (LOW). The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local u...
How severe is CVE-2013-5371?
CVE-2013-5371 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5371?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Storage Manager.