Information Disclosure in IBM Tivoli Storage Manager for Mail and FlashCopy Manager
CVE-2013-3976

Currently unrated

Key Information:

Vendor

IBM
Status
Flashcopy Manager
Tivoli Storage Manager For Mail
Data Protection
Tivoli Storage Flashcopy Manager
Vendor
CVE Published:
26 March 2014

What is CVE-2013-3976?

The Data Protection for Exchange component in IBM Tivoli Storage Manager for Mail, as well as the FlashCopy Manager for Exchange, fail to adequately restrict access to mailbox contents during certain PST restore operations. When an administrator executes a multiple-mailbox restore, remote authenticated users could potentially access and read the personal emails of other individuals. This vulnerability arises due to the inadequate constraints placed on mailbox contents, particularly when an email client is initiated post-restore, creating opportunistic circumstances for unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IC81223
vendor-advisoryx_refsource_AIXAPAR
https://exchange.xforce.ibmcloud.com/vulnerabilities/84881
vdb-entryx_refsource_XF
http://www-01.ibm.com/support/docview.wss?uid=swg21644407
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.