CVE-2014-6185

high

Description

dsmtca in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.2.3, 6.4 before 6.4.2.2, and 7.1 before 7.1.1.3 does not properly restrict shared-library loading, which allows local users to gain privileges via a crafted DSO file.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/98521

http://www-01.ibm.com/support/docview.wss?uid=swg21695715

http://www-01.ibm.com/support/docview.wss?uid=swg1IT05713

Details

Source: Mitre, NVD

Published: 2015-02-13

Updated: 2017-09-08

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High