CVE-2007-5819

IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients.

Published: Nov 5, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-5819
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
ibm / tivoli_continuous_data_protection_for_files	3.1.0	3.1.0.x

http://secunia.com/advisories/27473
http://www-1.ibm.com/support/docview.wss?uid=swg1IC54264
http://www.securityfocus.com/bid/26293
http://www.vupen.com/english/advisories/2007/3683
https://exchange.xforce.ibmcloud.com/vulnerabilities/38215

Vulnerability Database

CVE-2007-5819