CVE-2009-3855
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
45.9%
Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | tivoli_storage_manager | 5.2.5.3 | cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.3:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.3 | cpe:2.3:a:ibm:tivoli_storage_manager:5.3:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.3.0 | cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.3.1 | cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.3.2 | cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.3.2.4 | cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.3.3 | cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.3.4 | cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.3.5.1 | cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1:*:*:*:*:*:*:* |
| ibm | tivoli_storage_manager | 5.3.6.1 | cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.1:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
45.9%