CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS
Percentile
83.2%
The version of IBM Tivoli Storage FlashCopy Manager for VMware installed on the remote host is affected by multiple vulnerabilities :
An unspecified flaw exists in the graphical user interface that allows an unauthenticated, remote attacker to perform backup and restore operations, along with other administrative commands, resulting in a possible adverse impact on the integrity of system operation or the disclosure of confidential information. (CVE-2015-7425)
A flaw exists in the IBM Data Protection Extension that can result in privilege escalation. An authenticated attacker can exploit this to select an existing virtual machine from the vSphere inventory and perform a Restore operation without having the required privilege for the operation. Although performing this operation does not overwrite the existing virtual machine, the attacker can create a new virtual machine holding the same data, allowing disclosure of information. (CVE-2015-7429)
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(87822);
script_version("1.12");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/10/15");
script_cve_id("CVE-2015-7425", "CVE-2015-7429");
script_bugtraq_id(79541, 79545);
script_name(english:"IBM Tivoli Storage FlashCopy Manager for VMware 3.1.x < 3.1.1.3 / 3.2.x < 3.2.0.6 / 4.1.x < 4.1.4.0 Command Execution");
script_summary(english:"Checks version of Tivoli Storage FlashCopy Manager for VMware.");
script_set_attribute(attribute:"synopsis", value:
"A backup application installed on the remote host is affected by
multiple remote command execution vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of IBM Tivoli Storage FlashCopy Manager for VMware
installed on the remote host is affected by multiple vulnerabilities :
- An unspecified flaw exists in the graphical user interface
that allows an unauthenticated, remote attacker to perform
backup and restore operations, along with other
administrative commands, resulting in a possible adverse
impact on the integrity of system operation or the
disclosure of confidential information. (CVE-2015-7425)
- A flaw exists in the IBM Data Protection Extension that
can result in privilege escalation. An authenticated
attacker can exploit this to select an existing virtual
machine from the vSphere inventory and perform a Restore
operation without having the required privilege for the
operation. Although performing this operation does not
overwrite the existing virtual machine, the attacker can
create a new virtual machine holding the same data,
allowing disclosure of information. (CVE-2015-7429)");
script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21973086");
script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21973087");
script_set_attribute(attribute:"solution", value:
"Upgrade to Tivoli Storage FlashCopy Manager for VMware version
3.1.1.3 / 3.2.0.6 / 4.1.4.0 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-7425");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/11");
script_set_attribute(attribute:"patch_publication_date", value:"2015/12/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/01/08");
script_set_attribute(attribute:"agent", value:"unix");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:tivoli_storage_flashcopy_manager");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tivoli_storage_flashcopy_manager_installed_linux.nbin");
script_require_keys("installed_sw/Tivoli Storage FlashCopy Manager");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("install_func.inc");
app = 'Tivoli Storage FlashCopy Manager';
install = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);
version = install["version"];
path = install["path"];
hypervisor = install["Hypervisor"];
app += " for " + hypervisor;
if (hypervisor != "VMware")
audit(AUDIT_INST_VER_NOT_VULN, app, version);
if (version =~ "^3\.1\.")
fix = "3.1.1.3";
else if (version =~ "^3\.2\.")
fix = "3.2.0.6";
else if (version =~ "^4\.1\.")
fix = "4.1.4.0";
else
audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);
if (ver_compare(ver:version, fix:fix, strict:FALSE) >= 0)
audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);
report =
'\n Hypervisor : ' + hypervisor +
'\n Path : ' + path +
'\n Installed version : ' + version +
'\n Fixed version : ' + fix + '\n';
security_report_v4(port:0, extra:report, severity:SECURITY_HOLE);
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS
Percentile
83.2%