CVE-2014-4817

Published Nov 18, 2014
Last updated 7 years ago
CVSS info 2.1
Overview

Description: The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a previously used filename.
Source: psirt@us.ibm.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-264
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC7FD0D2-E106-4152-AF87-0E8BEE44DDCC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41A50035-DA7C-4F8F-B36A-3C5194098F4F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA6521E9-3106-49F6-84DF-66FFE47BDAC8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0A6731C-74A9-4FA9-8F2B-66D5F623151B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E1464DB-B192-4459-9C6D-34E8213CDC5E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EDD381D-FEA0-476C-9389-D777D2E344E7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79B76B2B-D92E-4000-8779-87C01BE55E4A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E8452AD-9871-4BDC-8302-EB6CD86A0C9B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA28A2C9-21A0-48E2-88DD-C2336D990523"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "256AFD08-1918-46D6-9A7A-AE50ACDE9347"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAA451EA-3F6E-4063-99E2-0D1D6950CC11"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF4E3EAE-A032-4A42-91C9-5D1E1CC048B7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58353CBA-C09A-4F19-BDE4-D0243AEF3213"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C5E07B8-DB3C-4A99-801C-84C3814BAA9A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7C40A61-30E2-4FD4-A29B-715981201F1C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2585495-DB97-429F-87AC-4C4E92DE305D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A665E28-2D3D-40DE-AF28-D549F3A37A82"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31370480-2B9D-44D4-A448-4B441CF59194"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0973283F-AD45-4927-88E2-559069C1B0F8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "801CCEC1-8DED-41C4-B6D2-38E4BEC74EA2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A263333E-DB86-41BE-A508-731079429E62"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E5F0611-DD8F-42A2-AFD7-1BCBD38BAB4F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25121FC4-9EE2-44AE-BEB3-02C3AB38DB61"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93FCB242-C35B-4CDB-AE62-3CA5D312586B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70016926-5776-4A04-8D55-5CA12D1DA9B4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "930B5AE2-CA47-47D7-96DE-F2B9F70337C8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FAA5227-C1F5-48C1-A207-096F228E305E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74B38E6A-86AA-4C35-AF3F-7F77DF647235"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "271A29AC-0890-495D-8DF7-2530CEAF6C2D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43BE5332-C982-440A-A7AA-03B83415B444"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74E095D6-D6C9-4E21-9CBA-508D043C4286"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFD434E9-6D0E-4FDB-A39A-D9FAC7E825C0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22F74B9A-D31E-43E3-8A29-BFD09A9442F4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D5A77C9-AB75-4133-8441-9BEE8591A717"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11E968D1-8198-4686-BFDD-8499CB435B56"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40A8E0C4-8509-4372-99C7-CFBA2100AEBE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CBC191E-0CE6-4D9C-A75B-E3484AC3B4DE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F956AF3F-0BDF-4F4B-AB29-418C39BEC8D5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0642EDE5-7EBF-4FA3-9432-F82FE76EF9EB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4C19266-CDED-4DC0-8B50-560BA3B5DAC4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BE93F92-4A7E-436C-8120-3BECC9C7215E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67741515-E42C-41CA-8D11-AFFB0D23B7C3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D01ED5FF-D648-4B94-A555-D702804079D3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BD18D39-DA8A-4C58-A18B-14EB6BEFBFDE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0ADAA69-B258-4666-9AB7-7965429EA497"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F4722BA-186A-4999-965E-ED5FA72D4BD0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9FF105A-6B8E-4849-875F-FD87EC9291E3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F41474E8-A930-43D1-8F4D-E6C219B6DB0D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "175D813D-9D9E-4FC6-984F-0E31ED4101C2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.5.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0C2CB3F-61A9-4970-B043-11A105B2D439"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC4EA95B-C812-4A27-8FB2-46F644463BF6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76EC7D2D-4B0A-4CDF-A523-85ABEF05D211"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C7DD9CE-0E95-45BB-9BB5-07652C9FD6C1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F3F3288-4280-43DA-B6E4-8240137105AD"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90CAA216-D0B3-4ECB-8BBE-5288DE590DE6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10524DD7-E9F2-498C-93F1-54F2C47AAEBB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "863D87DB-64FD-4C97-9CAD-48ED2A298FA5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "295AD957-904D-4917-BCDD-27E5E4AD9E27"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45172E20-5E12-435E-815F-D543C9B6BD41"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "476EE4EA-A032-49EF-9A4C-37D8AD642130"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9625017C-311D-423A-BFF8-AEB4CE7766FE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3538EBB1-A960-4CE7-B07D-17CAFF9F3564"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19A53C1A-0B43-4EB8-B489-742AAD1D4379"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92592FF3-70F2-4C48-A2A0-C5C8E8DCC649"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9311DE26-75E2-4588-858E-38497D7A8984"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99AF4A3C-759F-41C4-B471-C2D63409919A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F6959DE-5D31-49E4-B986-0E6F1BBD10D8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27BFC575-56CB-4A9C-9BE5-4E91B38CBD37"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CC99211-3DF3-414F-BC31-59286E7C84A3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "705A5381-AEA6-4FA2-B0EC-AD5F9E4FC985"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "335EAE82-7CC6-4420-BCD1-81FD54FD60ED"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3707B2DD-1855-4094-B0B5-C1204EBB221C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "122C35D5-BF80-4DE4-861D-C7D6D4D56777"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5C31C57-90BD-46E7-A1C8-A73F72D81BEB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B485D043-6865-4BA3-A3F9-DDC803495A27"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BEFCB76-C69E-4168-9A2E-A258B7E44F23"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7687A0AB-E864-4E23-8A5F-54AD38A69B84"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F35C20CF-CB82-46D7-A4D0-FFD277B7ECB9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B27F038-ADB0-4052-8264-C0816194DB1E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2E9FBE6-B342-43BD-BB32-650A87AB8EBA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAADE980-DC7D-4A3A-A0C4-B03EF08B3CBB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CC9CE1A-7416-4F41-8699-693C161D8EE7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8092D853-0E6D-4104-B85B-92132D925DA8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0BF5A53-0FEE-49E2-B2C2-918ECBB36256"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
