Vulnerability Details : CVE-2013-5371
The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations.
Products affected by CVE-2013-5371
- cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-5371
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-5371
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST |
CWE ids for CVE-2013-5371
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-5371
-
http://www-01.ibm.com/support/docview.wss?uid=swg1IC92933
IBM notice: The page you requested cannot be displayedVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/86661
IBM Tivoli Storage Manager information disclosure CVE-2013-5371 Vulnerability Report
-
http://www.ibm.com/support/docview.wss?uid=swg21662608
IBM notice: The page you requested cannot be displayedVendor Advisory
Jump to