Vulnerability Description
The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a previously used filename.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Storage Manager | 5.1.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT04884Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21686874Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95444
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT04884Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21686874Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95444
FAQ
What is CVE-2014-4817?
CVE-2014-4817 is a vulnerability with a CVSS score of 2.1 (LOW). The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a c...
How severe is CVE-2014-4817?
CVE-2014-4817 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-4817?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Storage Manager.