CVE-2007-5819

Sažetak

IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients.

Reference

http://secunia.com/advisories/27473
http://www.securityfocus.com/bid/26293
http://www.vupen.com/english/advisories/2007/3683
http://www-1.ibm.com/support/docview.wss?uid=swg1IC54264
https://exchange.xforce.ibmcloud.com/vulnerabilities/38215

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

29-07-2017 - 01:33

Objavljeno

05-11-2007 - 18:46