Tivoli Storage Manager Server Unauthorized Access Vulnerability

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a vulnerability which allows users to
perform unauthorized actions.

Description :

The remote host is running a version of IBM Tivoli Storage Manager
server that is affected by a vulnerability that allows a local
attacker to access the data stored on the server for users on the same
system who have data stored under the same node. This can also have an
impact on the confidentiality and integrity of certain node data.

See also :

https://www-304.ibm.com/support/docview.wss?uid=swg21657726

Solution :

Apply the appropriate patch according to the vendor's advisory.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 4.0
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 81492 ()

Bugtraq ID: 64146

CVE ID: CVE-2012-5944

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now