Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-6195


Vulnerability Score 1.9 1.9
CVE Id CVE-2014-6195
Last Modified 18 Feb 2015 01:48:42
Published 13 Feb 2015 09:59:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE



The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup-Archive client 5.4 and 5.5 before on AIX, Linux, and Solaris; 5.4.x and 5.5.x on Windows and z/OS; 6.1 before on z/OS; 6.1 and 6.2 before on Windows, before on AIX and Linux x86, and before on Linux Z and Solaris; 6.3 before on AIX, before on Windows, and before on Linux; 6.4 before; and 7.1 before 7.1.1 in IBM TSM for Mail, when the Data Protection for Lotus Domino component is used, allow local users to bypass authentication and restore a Domino database or transaction-log backup via unspecified vectors.

Vulnerable Systems


  • Ibm Tivoli Storage Manager 5.4

  • Ibm Tivoli Storage Manager 5.5

  • Ibm Tivoli Storage Manager 6.1

  • Ibm Tivoli Storage Manager 6.2

  • Ibm Tivoli Storage Manager 6.3

  • Ibm Tivoli Storage Manager 6.4

  • Ibm Tivoli Storage Manager 7.1


XF - ibm-tsm-cve20146195-sec-bypass(98607)



Last Updated: 27 May 2016 11:07:50