Privilege Escalation via Crafted DSO File in IBM Tivoli Storage Manager (TSM)

Privilege Escalation via Crafted DSO File in IBM Tivoli Storage Manager (TSM)

CVE-2014-6185 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

dsmtca in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.2.3, 6.4 before 6.4.2.2, and 7.1 before 7.1.1.3 does not properly restrict shared-library loading, which allows local users to gain privileges via a crafted DSO file.

Learn more about our Cis Benchmark Audit For Ibm I.