CVE-2013-6713

Published May 26, 2014

Last updated 7 years ago

Overview

Description: The Data Protection for VMware component in IBM Tivoli Storage Manager for Virtual Environments (TSMVE) 6.3 through 7.1.0.2 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (disk consumption) via unspecified GUI actions.
Source: psirt@us.ibm.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.1
Impact score: 6.4
Exploitability score: 2.7
Vector string: AV:L/AC:M/Au:S/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments:6.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90CF2B22-6678-4A35-84E0-878D0C9839DA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments:6.3.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "492383B7-460A-4FAF-8C93-085B65B7B65A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments:6.3.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D781D77-1E23-40E8-A501-9B884E9AFE3B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments:6.3.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4679AC05-88C8-4D60-B0B8-60CF9F6C547C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments:6.3.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "462ED865-0D6B-46A6-A6D2-6655FF7978DD"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments:6.4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D4E3501-CED0-428C-A197-63035FA11829"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments:6.4.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1952DA2-A076-452B-A535-04A2FFEC43BA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments:7.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52D024AA-61A2-448D-930B-CB7852D2FFB9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments:7.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8BF06A8-99A6-4D4F-ADF4-B2F142BCE843"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_for_virtual_environments:7.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FB08F5F-A891-4483-98BC-954A6D89BB03"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References