CVE-2013-6335

LOW Year: 2013
CVSS v2 Score
3.3
Low
Weakness Type
CWE-281
View all →

Vulnerability Description

The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations.

Related Vulnerabilities

CVE-2024-36532

CRITICAL
CVSS:10.0(Critical)

Insecure permissions in kruise v1.6.2 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.

CWE-2812024

CVE-2017-8543

CRITICAL
CVSS:9.8(Critical)

Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 ...

CWE-2812017

CVE-2017-8589

CRITICAL
CVSS:9.8(Critical)

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code...

CWE-2812017

CVE-2018-4115

CRITICAL
CVSS:9.8(Critical)

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPre...

CWE-2812018

CVE-2020-18890

CRITICAL
CVSS:9.8(Critical)

Rmote Code Execution (RCE) vulnerability in puppyCMS v5.1 due to insecure permissions, which could let a remote malicious user getshell via /admin/functions.php.

CWE-2812020

CVE-2020-36070

CRITICAL
CVSS:9.8(Critical)

Insecure Permission vulnerability found in Yoyager v.1.4 and before allows a remote attacker to execute arbitrary code via a crafted .php file to the media component.

CWE-2812020