CVE-2007-5819

high

Description

IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/38215

http://www.vupen.com/english/advisories/2007/3683

http://www.securityfocus.com/bid/26293

http://www-1.ibm.com/support/docview.wss?uid=swg1IC54264

http://secunia.com/advisories/27473

Details

Source: Mitre, NVD

Published: 2007-11-05

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Severity: High

EPSS

EPSS: 0.00047