Tivoli Storage Manager Server Unauthorized Backup File Displacement

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a vulnerability which allows users to
perform unauthorized actions.

Description :

The remote host is running a version of IBM Tivoli Storage Manager
server that is affected by a vulnerability that allows unauthorized
users to trigger backup operations that can cause previously backed up
files to be rolled off.

Note that this plugin does not check for the presence of any
workarounds.

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21686874

Solution :

Apply the appropriate patch according to the vendor's advisory.

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 1.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 81493 ()

Bugtraq ID: 71109

CVE ID: CVE-2014-4817

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now