Kaspersky LabKLA10210KLA10210 Vulnerability in IBM Tivoli Storage Manager
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:C/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
70.9%
An unspecified vulnerability was found in IBM Tivoli Storage Manager. By exploiting this vulnerability malicious users can conduct a man-in-the-middle attack and read arbitrary files. This vulnerability can be exploited remotely at a point related to SSL.
Original advisories
Related products
IBM-Tivoli-Storage-Manager-Client
CVE list
CVE-2009-1522 high
Solution
Update to latest version
Impacts
- SB
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
- RLF
Read Local Files. Exploitation of vulnerabilities with this impact can lead to reading some inaccessible files. Files that can be read depends on conΡrete program errors.
Affected Products
- IBM Tivoli Storage Manager client versions from 5.5.0.0 to 5.5.1.17
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:C/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
70.9%