Command Execution Vulnerability in IBM Tivoli Storage Manager FastBack Server
CVE-2015-1949

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Storage Manager Fastback
Vendor: CVE Published:; 30 June 2015

What is CVE-2015-1949?

The server component of IBM Tivoli Storage Manager FastBack version 6.1, prior to 6.1.12, contains a vulnerability that allows remote attackers to execute arbitrary commands with SYSTEM privileges. This can occur through unspecified vectors, posing a significant risk to the integrity and confidentiality of the system. Users are advised to upgrade to the latest version to mitigate this vulnerability.

References

http://www.securitytracker.com/id/1032773

vdb-entryx_refsource_SECTRACK

http://www.zerodayinitiative.com/advisories/ZDI-15-271

x_refsource_MISC

http://www-01.ibm.com/support/docview.wss?uid=swg21959398

x_refsource_CONFIRM

EPSS Score

14% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2015
Vulnerability Reserved
Feb 19, 2015