1. CVE-Search
  2. CVE-2009-1521
ID CVE-2009-1521
Summary Unspecified vulnerability in the Java GUI in the IBM Tivoli Storage Manager (TSM) client 5.2.0.0 through 5.2.5.3, 5.3.0.0 through 5.3.6.5, 5.4.0.0 through 5.4.2.6, and 5.5.0.0 through 5.5.1.17, and the TSM Express client 5.3.3.0 through 5.3.6.5, allows attackers to read or modify arbitrary files via unknown vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_client:5.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_client:5.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 17-08-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
aixapar IC59779
confirm http://www-01.ibm.com/support/docview.wss?uid=swg21384389
secunia 32604
vupen ADV-2009-1235
xf ibm-tsm-javagui-security-bypass(50329)
Last major update 17-08-2017 - 01:30
Published 05-05-2009 - 17:30
Last modified 17-08-2017 - 01:30
Back to Top