CVE-2010-3761 : Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0

Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-700. NOTE: this might overlap CVE-2010-3058 or CVE-2010-3059.

Published 2010-10-05 22:00:07

Updated 2010-10-06 18:14:47

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2010-3761

Probability of exploitation activity in the next 30 days: 1.11%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 84 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2010-3761

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2010-3761

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2010-3761

http://zerodayinitiative.com/advisories/upcoming/

Upcoming | Zero Day Initiative
http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883

IBM notice: The page you requested cannot be displayed
Vendor Advisory

CVEs referencing this url
http://www.ibm.com/support/docview.wss?uid=swg21443820

Security fixes available for IBM Tivoli Storage Manager FastBack
Vendor Advisory

CVEs referencing this url

Products affected by CVE-2010-3761

IBM » Tivoli Storage Manager Fastback » Version: 6.1.0.0
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Tivoli Storage Manager Fastback » Version: 5.5.6.0
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.6.0:*:*:*:*:*:*:*
Matching versions
IBM » Tivoli Storage Manager Fastback » Version: 5.5.0
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.0:*:*:*:*:*:*:*
Matching versions
IBM » Tivoli Storage Manager Fastback » Version: 5.5.1
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.1:*:*:*:*:*:*:*
Matching versions
IBM » Tivoli Storage Manager Fastback » Version: 5.5.2
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.2:*:*:*:*:*:*:*
Matching versions
IBM » Tivoli Storage Manager Fastback » Version: 5.5.2.0
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.2.0:*:*:*:*:*:*:*
Matching versions
IBM » Tivoli Storage Manager Fastback » Version: 5.5.4.0
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.4.0:*:*:*:*:*:*:*
Matching versions
IBM » Tivoli Storage Manager Fastback » Version: 5.5.3.0
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.3.0:*:*:*:*:*:*:*
Matching versions
IBM » Tivoli Storage Manager Fastback » Version: 5.5.5.0
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.5.0:*:*:*:*:*:*:*
Matching versions
IBM » Tivoli Storage Manager Fastback » Version: 6.1.0.1
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.0.1:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2010-3761

Exploit prediction scoring system (EPSS) score for CVE-2010-3761

CVSS scores for CVE-2010-3761

CWE ids for CVE-2010-3761

References for CVE-2010-3761

Products affected by CVE-2010-3761