Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-6185

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2014-6185
Last Modified 13 Feb 2015 06:19:46
Published 12 Feb 2015 09:59:06
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-6185

Summary

dsmtca in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.2.3, 6.4 before 6.4.2.2, and 7.1 before 7.1.1.3 does not properly restrict shared-library loading, which allows local users to gain privileges via a crafted DSO file.

Vulnerable Systems

Application

  • Ibm Tivoli Storage Manager 6.3.0

  • Ibm Tivoli Storage Manager 6.3.0.15

  • Ibm Tivoli Storage Manager 6.3.0.5

  • Ibm Tivoli Storage Manager 6.3.1.2

  • Ibm Tivoli Storage Manager 6.3.2.1

  • Ibm Tivoli Storage Manager 6.3.2.2

  • Ibm Tivoli Storage Manager 6.4.0

  • Ibm Tivoli Storage Manager 6.4.0.1

  • Ibm Tivoli Storage Manager 6.4.0.4

  • Ibm Tivoli Storage Manager 6.4.0.5

  • Ibm Tivoli Storage Manager 6.4.0.7

  • Ibm Tivoli Storage Manager 6.4.1

  • Ibm Tivoli Storage Manager 6.4.1.3

  • Ibm Tivoli Storage Manager 6.4.1.7

  • Ibm Tivoli Storage Manager 6.4.2

  • Ibm Tivoli Storage Manager 6.4.2.1

  • Ibm Tivoli Storage Manager 7.1.0

  • Ibm Tivoli Storage Manager 7.1.0.1

  • Ibm Tivoli Storage Manager 7.1.0.2

  • Ibm Tivoli Storage Manager 7.1.0.3

  • Ibm Tivoli Storage Manager 7.1.1

  • Ibm Tivoli Storage Manager 7.1.1.1


References

XF - ibm-tsm-cve20146185-dso(98521)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21695715

AIXAPAR - IT05713


Last Updated: 27 May 2016 11:07:48