Tivoli Storage Manager Server Unauthorized Backup File Displacement

Low Nessus Plugin ID 81493


The remote host is affected by a vulnerability which allows users to perform unauthorized actions.


The remote host is running a version of IBM Tivoli Storage Manager server that is affected by a vulnerability that allows unauthorized users to trigger backup operations that can cause previously backed up files to be rolled off.

Note that this plugin does not check for the presence of any workarounds.


Apply the appropriate patch according to the vendor's advisory.

See Also


Plugin Details

Severity: Low

ID: 81493

File Name: ibm_tsm_server_swg21686874.nasl

Version: $Revision: 1.2 $

Type: remote

Family: Misc.

Published: 2015/02/24

Modified: 2015/02/25

Dependencies: 25656

Risk Information

Risk Factor: Low


Base Score: 2.1

Temporal Score: 1.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:tivoli_storage_manager

Required KB Items: installed_sw/IBM Tivoli Storage Manager, Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/10/16

Vulnerability Publication Date: 2014/10/16

Reference Information

CVE: CVE-2014-4817

BID: 71109

OSVDB: 114775