Lucene search

MitreCVE-2009-3855

HistoryNov 04, 2009 - 3:30 p.m.

CVE-2009-3855

2009-11-0415:30:00

mitre

web.nvd.nist.gov

cve-2009-3855

ibm tivoli storage manager

tsm 5.3

tsm 5.4

tsm 5.5

unix

linux

os/400

backup-archive

file manipulation

vulnerability

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

45.9%

JSON

Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors.

Affected configurations

Nvd

Node

ibmtivoli_storage_managerMatch5.2.5.3

ibmtivoli_storage_managerMatch5.3

ibmtivoli_storage_managerMatch5.3.0

ibmtivoli_storage_managerMatch5.3.1

ibmtivoli_storage_managerMatch5.3.2

ibmtivoli_storage_managerMatch5.3.2.4

ibmtivoli_storage_managerMatch5.3.3

ibmtivoli_storage_managerMatch5.3.4

ibmtivoli_storage_managerMatch5.3.5.1

ibmtivoli_storage_managerMatch5.3.6.1

ibmtivoli_storage_managerMatch5.3.6.2

ibmtivoli_storage_managerMatch5.3.6.3

ibmtivoli_storage_managerMatch5.3.6.4

ibmtivoli_storage_managerMatch5.3.6.5

ibmtivoli_storage_managerMatch5.4.0

ibmtivoli_storage_managerMatch5.4.1

ibmtivoli_storage_managerMatch5.5.0

VendorProductVersionCPE
ibmtivoli_storage_manager5.2.5.3cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.3:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3cpe:2.3:a:ibm:tivoli_storage_manager:5.3:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.0cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.1cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.2cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.2.4cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.3cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.4cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.5.1cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.3.6.1cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	tivoli_storage_manager	5.2.5.3	cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.3:::::::*
ibm	tivoli_storage_manager	5.3	cpe:2.3:a:ibm:tivoli_storage_manager:5.3:::::::*
ibm	tivoli_storage_manager	5.3.0	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0:::::::*
ibm	tivoli_storage_manager	5.3.1	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1:::::::*
ibm	tivoli_storage_manager	5.3.2	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2:::::::*
ibm	tivoli_storage_manager	5.3.2.4	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4:::::::*
ibm	tivoli_storage_manager	5.3.3	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3:::::::*
ibm	tivoli_storage_manager	5.3.4	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4:::::::*
ibm	tivoli_storage_manager	5.3.5.1	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1:::::::*
ibm	tivoli_storage_manager	5.3.6.1	cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.1:::::::*

Rows per page:

1-10 of 171

References

secunia.com/advisories/32534

www-01.ibm.com/support/docview.wss?uid=swg1IC54489

www-01.ibm.com/support/docview.wss?uid=swg21405562

www.vupen.com/english/advisories/2009/3132

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

45.9%

JSON

Related for CVE-2009-3855