Vulnerability Description
dsmtca in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.2.3, 6.4 before 6.4.2.2, and 7.1 before 7.1.1.3 does not properly restrict shared-library loading, which allows local users to gain privileges via a crafted DSO file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Storage Manager | 6.3.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT05713
- http://www-01.ibm.com/support/docview.wss?uid=swg21695715PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98521
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT05713
- http://www-01.ibm.com/support/docview.wss?uid=swg21695715PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98521
FAQ
What is CVE-2014-6185?
CVE-2014-6185 is a vulnerability with a CVSS score of 7.2 (HIGH). dsmtca in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.2.3, 6.4 before 6.4.2.2, and 7.1 before 7.1.1.3 does not properly restrict shared-library loading, which allows local users to g...
How severe is CVE-2014-6185?
CVE-2014-6185 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-6185?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Storage Manager.