3.3
CVE-2013-6335
- EPSS 0.05%
- Published 26.08.2014 10:55:04
- Last modified 12.04.2025 10:46:40
- Source psirt@us.ibm.com
- Teams watchlist Login
- Open Login
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations.
Data is provided by the National Vulnerability Database (NVD)
Ibm ≫ Tivoli Storage Manager Version >= 5.1 < 6.2.5.3
Ibm ≫ Tivoli Storage Manager Version >= 6.3.0 < 6.3.2
Ibm ≫ Tivoli Storage Manager Version >= 6.4.0 < 6.4.2
Ibm ≫ Tivoli Storage Manager Version >= 7.1.0.0 < 7.1.0.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.135 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 3.4 | 4.9 |
AV:L/AC:M/Au:N/C:P/I:P/A:N
|
CWE-281 Improper Preservation of Permissions
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.