CVE-2013-6714

The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0.1 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (data overwrite or disk consumption) via unspecified GUI actions.

Published: May 26, 2014
Updated: Apr 13, 2023
CVE: CVE-2013-6714
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.1
AV:L/AC:M/Au:S/C:P/I:P/A:P

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
ibm / tivoli_storage_flashcopy_manager	4.1.0.1	4.1.0.1.x
ibm / tivoli_storage_flashcopy_manager	3.1.1	3.1.1.x
ibm / tivoli_storage_flashcopy_manager	3.2.1	3.2.1.x
ibm / tivoli_storage_flashcopy_manager	3.2.0	3.2.0.x
ibm / tivoli_storage_flashcopy_manager	3.1.0	3.1.0.x
ibm / tivoli_storage_flashcopy_manager	4.1.0	4.1.0.x

http://www-01.ibm.com/support/docview.wss?uid=swg21673045
https://exchange.xforce.ibmcloud.com/vulnerabilities/89057

Vulnerability Database

CVE-2013-6714