Vulnerability Details CVE-2009-3855
Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.5%
CVSS Severity
CVSS v2 Score 9.3
References
- http://secunia.com/advisories/32534
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC54489
- http://www-01.ibm.com/support/docview.wss?uid=swg21405562
- http://www.vupen.com/english/advisories/2009/3132
- http://secunia.com/advisories/32534
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC54489
- http://www-01.ibm.com/support/docview.wss?uid=swg21405562
- http://www.vupen.com/english/advisories/2009/3132
Products affected by CVE-2009-3855
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.3
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.2
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.3
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.4
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.5
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.4.0
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.4.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.5.0