CVE Vulnerability

CVE-2007-5819

IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients.

2.1 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

References
Link Resource
http://www-1.ibm.com/support/docview.wss?uid=swg1IC54264
http://secunia.com/advisories/27473 Vendor Advisory
http://www.securityfocus.com/bid/26293
http://www.vupen.com/english/advisories/2007/3683
https://exchange.xforce.ibmcloud.com/vulnerabilities/38215
Configurations

Configuration 1

cpe:2.3:a:ibm:tivoli_continuous_data_protection_for_files:3.1.0:*:*:*:*:*:*:*
Information

Published : 2007-11-05 06:46

Updated : 2017-07-29 01:33

NVD link : CVE-2007-5819

Mitre link : CVE-2007-5819

Products Affected
No products.
CWE
CWE-264