Vulnerability Details CVE-2007-5819
IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.2%
CVSS Severity
CVSS v2 Score 2.1
References
- http://secunia.com/advisories/27473
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC54264
- http://www.securityfocus.com/bid/26293
- http://www.vupen.com/english/advisories/2007/3683
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38215
- http://secunia.com/advisories/27473
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC54264
- http://www.securityfocus.com/bid/26293
- http://www.vupen.com/english/advisories/2007/3683
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38215
Products affected by CVE-2007-5819
-
cpe:2.3:a:ibm:tivoli_continuous_data_protection_for_files:3.1.0