Vulnerability Description
The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 6.3 before 6.3.6 and 7.1 before 7.1.3 on Linux and AIX uses world-writable permissions for unspecified files, which allows local users to gain privileges by writing to a file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Storage Manager | 6.3.3 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21969340Vendor Advisory
- http://www.securitytracker.com/id/1034044
- http://www-01.ibm.com/support/docview.wss?uid=swg21969340Vendor Advisory
- http://www.securitytracker.com/id/1034044
FAQ
What is CVE-2015-4927?
CVE-2015-4927 is a vulnerability with a CVSS score of 7.2 (HIGH). The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 6.3 before 6.3.6 and 7.1 before 7.1.3 on Linux and AIX uses world-writable permissions for unspecified files, ...
How severe is CVE-2015-4927?
CVE-2015-4927 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-4927?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Storage Manager.