Vulnerability Details : CVE-2013-5371
The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations.
Exploit prediction scoring system (EPSS) score for CVE-2013-5371
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-5371
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST |
CWE ids for CVE-2013-5371
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-5371
-
http://www-01.ibm.com/support/docview.wss?uid=swg1IC92933
IBM notice: The page you requested cannot be displayedVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/86661
IBM Tivoli Storage Manager information disclosure CVE-2013-5371 Vulnerability Report
-
http://www.ibm.com/support/docview.wss?uid=swg21662608
IBM notice: The page you requested cannot be displayedVendor Advisory
Products affected by CVE-2013-5371
- cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0:*:*:*:*:*:*:*