Stack Buffer Overflow in IBM Tivoli Storage Manager Command Line Interface
CVE-2020-28198

7HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
6 May 2021

Summary

The 'id' parameter of IBM Tivoli Storage Manager's Command Line Administrative Interface (dsmadmc.exe) is susceptible to an exploitable stack buffer overflow. This can occur specifically during its interactive mode. Notably, due to a character limitation, exploitation is not possible in batch or command-line usage. It is important to note that this vulnerability affects versions of the product that are no longer supported by IBM.

References

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.