CVE-2007-5819

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2007-5819
IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients.

2.1 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://www-1.ibm.com/support/docview.wss?uid=swg1IC54264
http://secunia.com/advisories/27473 Vendor Advisory
http://www.securityfocus.com/bid/26293
http://www.vupen.com/english/advisories/2007/3683
https://exchange.xforce.ibmcloud.com/vulnerabilities/38215
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:tivoli_continuous_data_protection_for_files:3.1.0:*:*:*:*:*:*:*
Information

Published : 2007-11-05 10:46

Updated : 2017-07-28 18:33

NVD link : CVE-2007-5819

Mitre link : CVE-2007-5819

JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa
Products Affected

ibm

  • tivoli_continuous_data_protection_for_files