CVE-2014-6195

Published Feb 14, 2015

Last updated 2 years ago

CVSS info 1.9

Overview

Description: The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup-Archive client 5.4 and 5.5 before 5.5.4.4 on AIX, Linux, and Solaris; 5.4.x and 5.5.x on Windows and z/OS; 6.1 before 6.1.5.7 on z/OS; 6.1 and 6.2 before 6.2.5.2 on Windows, before 6.2.5.3 on AIX and Linux x86, and before 6.2.5.4 on Linux Z and Solaris; 6.3 before 6.3.2.1 on AIX, before 6.3.2.2 on Windows, and before 6.3.2.3 on Linux; 6.4 before 6.4.2.1; and 7.1 before 7.1.1 in IBM TSM for Mail, when the Data Protection for Lotus Domino component is used, allow local users to bypass authentication and restore a Domino database or transaction-log backup via unspecified vectors.
Source: psirt@us.ibm.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 1.9
Impact score: 2.9
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-284

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "212B26BB-0A19-41EB-811C-04C765374E8A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "D8132A11-39D4-45A3-B74F-DF1F849D841C"
          },
          {
            "criteria": "cpe:2.3:o:ibm:linux_on_ibm_z:*:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "2AB621EB-370C-4009-AE54-42C6BD2C9324"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "C0933A83-98F6-43B1-BB02-03F8F1C9F38D"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5D9816F-5D2A-4B2B-A654-16B4AE04B88D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:x86:*",
            "vulnerable": false,
            "matchCriteriaId": "282931BE-0838-45CA-AC9D-EAD0C4244448"
          },
          {
            "criteria": "cpe:2.3:o:ibm:linux_on_ibm_z:*:*:*:*:*:*:x86:*",
            "vulnerable": false,
            "matchCriteriaId": "BC2B53A0-302B-4A34-89CD-842C3692927F"
          },
          {
            "criteria": "cpe:2.3:o:ibm:z\\/os:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28A9DB7F-187D-42BA-B271-1C302E529BFB"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:x86:*",
            "vulnerable": false,
            "matchCriteriaId": "644EDED7-7696-448D-A1F5-D361540B680F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA4D3E9E-144A-4F7C-973A-F7FBE0776FB6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "D8132A11-39D4-45A3-B74F-DF1F849D841C"
          },
          {
            "criteria": "cpe:2.3:o:ibm:linux_on_ibm_z:*:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "2AB621EB-370C-4009-AE54-42C6BD2C9324"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E11F79C4-D61F-481B-9BDC-ADEDE1494AAD"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "D8132A11-39D4-45A3-B74F-DF1F849D841C"
          },
          {
            "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:x86:*",
            "vulnerable": false,
            "matchCriteriaId": "282931BE-0838-45CA-AC9D-EAD0C4244448"
          },
          {
            "criteria": "cpe:2.3:o:ibm:linux_on_ibm_z:*:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "2AB621EB-370C-4009-AE54-42C6BD2C9324"
          },
          {
            "criteria": "cpe:2.3:o:ibm:linux_on_ibm_z:*:*:*:*:*:*:x86:*",
            "vulnerable": false,
            "matchCriteriaId": "BC2B53A0-302B-4A34-89CD-842C3692927F"
          },
          {
            "criteria": "cpe:2.3:o:ibm:z\\/os:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28A9DB7F-187D-42BA-B271-1C302E529BFB"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:x86:*",
            "vulnerable": false,
            "matchCriteriaId": "644EDED7-7696-448D-A1F5-D361540B680F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
          },
          {
            "criteria": "cpe:2.3:o:oracle:solaris:*:*:*:*:*:*:sparc:*",
            "vulnerable": false,
            "matchCriteriaId": "B09F81E2-4FEA-4DFF-95A1-8CABC27FF166"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D5A77C9-AB75-4133-8441-9BEE8591A717"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:x86:*",
            "vulnerable": false,
            "matchCriteriaId": "282931BE-0838-45CA-AC9D-EAD0C4244448"
          },
          {
            "criteria": "cpe:2.3:o:ibm:z\\/os:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28A9DB7F-187D-42BA-B271-1C302E529BFB"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:x86:*",
            "vulnerable": false,
            "matchCriteriaId": "644EDED7-7696-448D-A1F5-D361540B680F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
          },
          {
            "criteria": "cpe:2.3:o:oracle:solaris:*:*:*:*:*:*:sparc:*",
            "vulnerable": false,
            "matchCriteriaId": "B09F81E2-4FEA-4DFF-95A1-8CABC27FF166"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF7A543F-FD79-42C8-9DAF-2DD549926DDA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "D8132A11-39D4-45A3-B74F-DF1F849D841C"
          },
          {
            "criteria": "cpe:2.3:o:ibm:linux_on_ibm_z:*:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "2AB621EB-370C-4009-AE54-42C6BD2C9324"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7660C8A-2C6A-4AA1-95DB-DA6F4BA7A821"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "D8132A11-39D4-45A3-B74F-DF1F849D841C"
          },
          {
            "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:x86:*",
            "vulnerable": false,
            "matchCriteriaId": "282931BE-0838-45CA-AC9D-EAD0C4244448"
          },
          {
            "criteria": "cpe:2.3:o:ibm:linux_on_ibm_z:*:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "2AB621EB-370C-4009-AE54-42C6BD2C9324"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:x86:*",
            "vulnerable": false,
            "matchCriteriaId": "644EDED7-7696-448D-A1F5-D361540B680F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
          },
          {
            "criteria": "cpe:2.3:o:oracle:solaris:*:*:*:*:*:*:sparc:*",
            "vulnerable": false,
            "matchCriteriaId": "B09F81E2-4FEA-4DFF-95A1-8CABC27FF166"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References