CVE-2013-5371

{"id": "CVE-2013-5371", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-01-23T19:55:03.610", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC92933", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg21662608", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86661", "source": "psirt@us.ibm.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations."}, {"lang": "es", "value": "El cliente en Tivoli Storage Manager (TSM) de IBM versiones 6.3.1 y 6.4.0 en Windows, no conserva los permisos del Sistema de Archivos Resistente (ReFS) en las operaciones de copia de seguridad y restauraci\u00f3n, lo que permite a los usuarios locales omitir las restricciones de acceso previstas por medio de las operaciones est\u00e1ndar del sistema de archivos."}], "lastModified": "2017-08-29T01:33:44.263", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "122C35D5-BF80-4DE4-861D-C7D6D4D56777"}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2E9FBE6-B342-43BD-BB32-650A87AB8EBA"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}