CVSS: 9.1EPSS: 0%CPEs: 84EXPL: 0CVE-2014-4817
https://notcve.org/view.php?id=CVE-2014-4817
18 Nov 2014 — The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a previously used filename. El servidor en IBM Tivoli Storage Manager (TSM) 5.x y 6.x anterior a 6.3.5.10 y 7.x anterior a 7.1.1.100 permitiría a atacantes remotos eludir las restricciones de acceso y reemplazar las copias de seguridad de archivos... • http://www-01.ibm.com/support/docview.wss?uid=swg1IT04884 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2013-6335
https://notcve.org/view.php?id=CVE-2013-6335
26 Aug 2014 — The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations. El cliente Backup-Archive en IBM Tivoli Storage Manager (TSM) for Space Management 5.x y 6.x... • http://secunia.com/advisories/60482 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2013-6713
https://notcve.org/view.php?id=CVE-2013-6713
26 May 2014 — The Data Protection for VMware component in IBM Tivoli Storage Manager for Virtual Environments (TSMVE) 6.3 through 7.1.0.2 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (disk consumption) via unspecified GUI actions. El componente Data Protection For VMware en IBM Tivoli Storage Manager For Virtual Environments (TSMVE) 6.3 hasta 7.1.0.2 no comprueba debidamente autorización para operaciones de copia... • http://www-01.ibm.com/support/docview.wss?uid=swg21673051 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 65EXPL: 0CVE-2013-0471
https://notcve.org/view.php?id=CVE-2013-0471
21 Feb 2013 — The traditional scheduler in the client in IBM Tivoli Storage Manager (TSM) before 6.2.5.0, 6.3 before 6.3.1.0, and 6.4 before 6.4.0.1, when Prompted mode is enabled, allows remote attackers to cause a denial of service (scheduling outage) via unspecified vectors. El planificador tradicional en el cliente de IBM Tivoli Storage Manager (TSM) antes de v6.2.5.0, v6.3.1.0 antes de v6.3 y v6.4 antes de v6.4.0.1, cuando la modalidad de petición está activada, permite a atacantes remotos provocar una denegación de... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC87331 •
CVSS: 9.1EPSS: 0%CPEs: 65EXPL: 0CVE-2013-0472
https://notcve.org/view.php?id=CVE-2013-0472
21 Feb 2013 — The Web GUI in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.1.0 and 6.4 before 6.4.0.1 allows man-in-the-middle attackers to obtain unspecified client access, and consequently obtain unspecified server access, via unknown vectors. La interfaz gráfica de usuario Web en el cliente de IBM Tivoli Storage Manager (TSM) v6,3 antes de v6.3.1.0 y v6,4 antes de v6.4.0.1 permite ataques de man-in-the-middle para obtener acceso de clientes no especificados, y por lo tanto obtener acceso al servidor si... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC87210 •