File Reading Vulnerability in IBM Tivoli Storage Manager FastBack
CVE-2015-1941

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Storage Manager Fastback
Vendor: CVE Published:; 30 June 2015

Summary

A vulnerability exists in IBM Tivoli Storage Manager FastBack, prior to version 6.1.12, that permits remote attackers to read arbitrary files on the server. This can occur through the sending of specially crafted TCP packets to an unspecified port, potentially leading to unauthorized access to sensitive data. The issue highlights the need for improved input validation mechanisms in the affected software.

References

http://www.securitytracker.com/id/1032773

vdb-entryx_refsource_SECTRACK

http://www.zerodayinitiative.com/advisories/ZDI-15-268

x_refsource_MISC

http://www.securityfocus.com/bid/75446

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jun 30, 2015
Vulnerability Reserved
Feb 19, 2015