CVE-2014-4813: Race Condition
First published: Fri Feb 13 2015(Updated: )
Race condition in the client in IBM Tivoli Storage Manager (TSM) 5.4.0.0 through 5.4.3.6, 5.5.0.0 through 5.5.4.3, 6.1.0.0 through 6.1.5.6, 6.2 before 6.2.5.4, 6.3 before 6.3.2.3, 6.4 before 6.4.2.1, and 7.1 before 7.1.1 on UNIX and Linux allows local users to obtain root privileges via unspecified vectors.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Tivoli Storage Manager | =5.4.1 | |
| IBM Tivoli Storage Manager | =5.4.2 | |
| IBM Tivoli Storage Manager | =5.4.2.2 | |
| IBM Tivoli Storage Manager | =5.4.2.3 | |
| IBM Tivoli Storage Manager | =5.4.2.4 | |
| IBM Tivoli Storage Manager | =5.4.3.0 | |
| IBM Tivoli Storage Manager | =5.4.3.2 | |
| IBM Tivoli Storage Manager | =5.4.3.3 | |
| IBM Tivoli Storage Manager | =5.4.3.4 | |
| IBM Tivoli Storage Manager | =5.4.3.6 | |
| IBM Tivoli Storage Manager | =5.5.0 | |
| IBM Tivoli Storage Manager | =5.5.1 | |
| IBM Tivoli Storage Manager | =5.5.2 | |
| IBM Tivoli Storage Manager | =5.5.3 | |
| IBM Tivoli Storage Manager | =5.5.4 | |
| IBM Tivoli Storage Manager | =5.5.4.1 | |
| IBM Tivoli Storage Manager | =5.5.4.2 | |
| IBM Tivoli Storage Manager | =5.5.4.3 | |
| IBM Tivoli Storage Manager | =6.1.0 | |
| IBM Tivoli Storage Manager | =6.1.1 | |
| IBM Tivoli Storage Manager | =6.1.2 | |
| IBM Tivoli Storage Manager | =6.1.3 | |
| IBM Tivoli Storage Manager | =6.1.4 | |
| IBM Tivoli Storage Manager | =6.1.5 | |
| IBM Tivoli Storage Manager | =6.1.5.4 | |
| IBM Tivoli Storage Manager | =6.1.5.5 | |
| IBM Tivoli Storage Manager | =6.1.5.6 | |
| IBM Tivoli Storage Manager | =6.2.0.0 | |
| IBM Tivoli Storage Manager | =6.2.1 | |
| IBM Tivoli Storage Manager | =6.2.2 | |
| IBM Tivoli Storage Manager | =6.2.3 | |
| IBM Tivoli Storage Manager | =6.2.4 | |
| IBM Tivoli Storage Manager | =6.2.4.4 | |
| IBM Tivoli Storage Manager | =6.2.4.7 | |
| IBM Tivoli Storage Manager | =6.3.0.0 | |
| IBM Tivoli Storage Manager | =6.3.0.1 | |
| IBM Tivoli Storage Manager | =6.3.0.17 | |
| IBM Tivoli Storage Manager | =6.3.1 | |
| IBM Tivoli Storage Manager | =6.3.2 | |
| IBM Tivoli Storage Manager | =6.3.2.1 | |
| IBM Tivoli Storage Manager | =6.4.0.0 | |
| IBM Tivoli Storage Manager | =6.4.2 | |
| IBM Tivoli Storage Manager | =7.1.0 | |
| Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-4813?
CVE-2014-4813 is rated as a medium severity vulnerability due to its potential to allow local users to gain root privileges.
How do I fix CVE-2014-4813?
To mitigate CVE-2014-4813, update IBM Tivoli Storage Manager to a version that is not affected by this vulnerability, specifically versions 5.4.3.7 and higher, 5.5.5 and higher, and so on.
Who is affected by CVE-2014-4813?
CVE-2014-4813 affects local users of IBM Tivoli Storage Manager versions ranging from 5.4.0.0 to 7.1.0 on UNIX and Linux systems.
What type of vulnerability is CVE-2014-4813?
CVE-2014-4813 is classified as a race condition vulnerability in the client application of IBM Tivoli Storage Manager.
What platforms are impacted by CVE-2014-4813?
CVE-2014-4813 impacts IBM Tivoli Storage Manager running on UNIX and Linux platforms.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/references
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- vendor/ibm
- canonical/ibm tivoli storage manager
- version/ibm tivoli storage manager/5.4.1
- version/ibm tivoli storage manager/5.4.2
- version/ibm tivoli storage manager/5.4.2.2
- version/ibm tivoli storage manager/5.4.2.3
- version/ibm tivoli storage manager/5.4.2.4
- version/ibm tivoli storage manager/5.4.3.0
- version/ibm tivoli storage manager/5.4.3.2
- version/ibm tivoli storage manager/5.4.3.3
- version/ibm tivoli storage manager/5.4.3.4
- version/ibm tivoli storage manager/5.4.3.6
- version/ibm tivoli storage manager/5.5.0
- version/ibm tivoli storage manager/5.5.1
- version/ibm tivoli storage manager/5.5.2
- version/ibm tivoli storage manager/5.5.3
- version/ibm tivoli storage manager/5.5.4
- version/ibm tivoli storage manager/5.5.4.1
- version/ibm tivoli storage manager/5.5.4.2
- version/ibm tivoli storage manager/5.5.4.3
- version/ibm tivoli storage manager/6.1.0
- version/ibm tivoli storage manager/6.1.1
- version/ibm tivoli storage manager/6.1.2
- version/ibm tivoli storage manager/6.1.3
- version/ibm tivoli storage manager/6.1.4
- version/ibm tivoli storage manager/6.1.5
- version/ibm tivoli storage manager/6.1.5.4
- version/ibm tivoli storage manager/6.1.5.5
- version/ibm tivoli storage manager/6.1.5.6
- version/ibm tivoli storage manager/6.2.0.0
- version/ibm tivoli storage manager/6.2.1
- version/ibm tivoli storage manager/6.2.2
- version/ibm tivoli storage manager/6.2.3
- version/ibm tivoli storage manager/6.2.4
- version/ibm tivoli storage manager/6.2.4.4
- version/ibm tivoli storage manager/6.2.4.7
- version/ibm tivoli storage manager/6.3.0.0
- version/ibm tivoli storage manager/6.3.0.1
- version/ibm tivoli storage manager/6.3.0.17
- version/ibm tivoli storage manager/6.3.1
- version/ibm tivoli storage manager/6.3.2
- version/ibm tivoli storage manager/6.3.2.1
- version/ibm tivoli storage manager/6.4.0.0
- version/ibm tivoli storage manager/6.4.2
- version/ibm tivoli storage manager/7.1.0
- vendor/linux
- canonical/linux kernel