2.1

CVE-2013-3976

EPSS 0.18%
Published 26.03.2014 10:55:05
Last modified 12.04.2025 10:46:40
Source psirt@us.ibm.com
Teams watchlist Login
Open Login

The (1) Data Protection for Exchange component 6.1 before 6.1.3.4 and 6.3 before 6.3.1 in IBM Tivoli Storage Manager for Mail and the (2) FlashCopy Manager for Exchange component 2.2 and 3.1 before 3.1.1 in IBM Tivoli Storage FlashCopy Manager do not properly constrain mailbox contents during certain PST restore operations, which allows remote authenticated users to read the personal e-mail of other users in opportunistic circumstances by launching an e-mail client after an administrator performs a multiple-mailbox restore.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Data Protection Version6.1 SwPlatformexchange_server

Ibm ≫ Data Protection Version6.3 SwPlatformexchange_server

Ibm ≫ Flashcopy Manager Version2.1 SwPlatformexchange_server

Ibm ≫ Flashcopy Manager Version2.2 SwPlatformexchange_server

Ibm ≫ Flashcopy Manager Version3.1 SwPlatformexchange_server

Ibm ≫ Tivoli Storage Flashcopy Manager Version-

Ibm ≫ Tivoli Storage Manager For Mail Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.18%	0.362

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.1	3.9	2.9	AV:N/AC:H/Au:S/C:P/I:N/A:N

http://www-01.ibm.com/support/docview.wss?uid=swg1IC81223

http://www-01.ibm.com/support/docview.wss?uid=swg21644407

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/84881

https://nvd.nist.gov/vuln/detail/CVE-2013-3976

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-3976

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-3976

EUVD