CVE-2013-6714
Published May 26, 2014
Last updated 7 years ago
Overview
- Description
- The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0.1 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (data overwrite or disk consumption) via unspecified GUI actions.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.1
- Impact score
- 6.4
- Exploitability score
- 2.7
- Vector string
- AV:L/AC:M/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager:3.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2BC01D70-F51D-4F55-A829-DFE0104AEF79"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager:3.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD889452-6341-450B-9DF2-261B66A2ABB0"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager:3.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B5B7107-61B4-4B55-A138-7648D35497D5"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager:3.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61D1CD20-0895-406E-904A-AC160C288943"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager:4.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B29338F6-E909-4114-97F9-F71A648AF7AE"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_flashcopy_manager:4.1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC1CB0C1-BDEF-497F-85AF-2E0C9585E25E"
}
],
"operator": "OR"
}
]
}
]