CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-3915

The userRequest servlet in the Admin Center for Tivoli Storage Manager in Rocket Servergraph allows remote attackers to execute arbitrary commands via a (1) auth, (2) auth_session, (3) auth_simple, (4) add, (5) add_flat, (6) remove, (7) set_pwd, (8) add_permissions, (9) revoke_permissions, (10) runAsync, or (11) tsmRequest command.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.046

EPSS Ranking 88.8%

CVSS Severity

CVSS v2 Score 10.0

References

http://www.securityfocus.com/bid/67780
http://www.zerodayinitiative.com/advisories/ZDI-14-164/
http://www.securityfocus.com/bid/67780
http://www.zerodayinitiative.com/advisories/ZDI-14-164/

Products affected by CVE-2014-3915

Rocketsoftware » Rocket Servergraph » Version: N/A

cpe:2.3:a:rocketsoftware:rocket_servergraph:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3915

Products

Pricing

Contact Us