Authorization Bypass in Tivoli Storage FlashCopy Manager by IBM
CVE-2013-6714

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Storage Flashcopy Manager
Vendor: CVE Published:; 26 May 2014

Summary

The Tivoli Storage FlashCopy Manager by IBM is susceptible to an authorization bypass vulnerability. This flaw allows local users to improperly access sensitive virtual machine data or create a denial of service through unspecified actions within the graphical user interface. Specifically, the software does not properly validate user permissions during backup and restore processes, which could lead to potential data overwrites or excessive disk consumption.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/89057

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21673045

x_refsource_CONFIRM

Timeline

Vulnerability published
May 26, 2014
Vulnerability Reserved
Nov 8, 2013