CVE-2004-2762

high

Description

The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/49535

http://www.vupen.com/english/advisories/2009/0881

http://www.securityfocus.com/bid/34285

http://www-1.ibm.com/support/docview.wss?uid=swg1IC39395

http://www-01.ibm.com/support/docview.wss?uid=swg21375360

http://www-01.ibm.com/support/docview.wss?uid=swg21246076

http://securitytracker.com/id?1021946

http://secunia.com/advisories/34498

Details

Source: Mitre, NVD

Published: 2009-03-31

Updated: 2026-04-23

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.01169