CVE-2003-1570

Sažetak

The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does not require credentials to observe the server console in some circumstances, which allows remote authenticated administrators to monitor server operations by establishing a console mode session, related to "session exposure."

Reference

http://secunia.com/advisories/34498
http://securitytracker.com/id?1021947
http://www.securityfocus.com/bid/34285
http://www.vupen.com/english/advisories/2009/0881
http://www-01.ibm.com/support/docview.wss?uid=swg21375360
http://www-1.ibm.com/support/docview.wss?uid=swg1IC37554
https://exchange.xforce.ibmcloud.com/vulnerabilities/49536

CVSS

Base:	3.5
Impact:	2.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

17-08-2017 - 01:29

Objavljeno

31-03-2009 - 18:24