Remote Code Execution Vulnerability in IBM Tivoli Storage Manager FastBack
CVE-2015-1942

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Storage Manager Fastback
Vendor: CVE Published:; 30 June 2015

Summary

The IBM Tivoli Storage Manager FastBack 6.1 prior to version 6.1.12 contains a vulnerability that allows remote attackers to exploit a flaw in the server. By sending specially crafted TCP packets to an unspecified port, attackers may write arbitrary files to the server. This capability can lead to unauthorized remote code execution, posing significant risks to the integrity and confidentiality of the affected systems. Implementing the latest updates and configurations is essential to mitigate exposure to this vulnerability.

References

http://www.securitytracker.com/id/1032773

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/75450

vdb-entryx_refsource_BID

http://www.zerodayinitiative.com/advisories/ZDI-15-269

x_refsource_MISC

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 30, 2015
Vulnerability Reserved
Feb 19, 2015