CVE-2013-5371

Severity CVSS v4.0:
Pending analysis
Type:
CWE-264 Permissions, Privileges, and Access Control
Publication date:
23/01/2014
Last modified:
11/04/2025

Description

The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0:*:*:*:*:*:*:*