CVE-2015-4927
Published Nov 4, 2015
Last updated 8 years ago
Overview
- Description
- The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 6.3 before 6.3.6 and 7.1 before 7.1.3 on Linux and AIX uses world-writable permissions for unspecified files, which allows local users to gain privileges by writing to a file.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BEFCB76-C69E-4168-9A2E-A258B7E44F23"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7687A0AB-E864-4E23-8A5F-54AD38A69B84"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F35C20CF-CB82-46D7-A4D0-FFD277B7ECB9"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B27F038-ADB0-4052-8264-C0816194DB1E"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "212B26BB-0A19-41EB-811C-04C765374E8A"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C59C16BD-1CB8-47BB-8352-B1609798BB0C"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E832B30-592B-43F4-B50D-34CABAC61E3D"
}
],
"operator": "OR"
}
]
}
]