Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors.
2009-11-04T15:30:00.717
2025-04-09T00:30:58.490
Deferred
CVSSv2: 9.3 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ibm | tivoli_storage_manager | 5.2.5.3 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3.0 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3.1 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3.2 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3.2.4 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3.3 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3.4 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3.5.1 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3.6.1 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3.6.2 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3.6.3 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3.6.4 | Yes |
| Application | ibm | tivoli_storage_manager | 5.3.6.5 | Yes |
| Application | ibm | tivoli_storage_manager | 5.4.0 | Yes |
| Application | ibm | tivoli_storage_manager | 5.4.1 | Yes |
| Application | ibm | tivoli_storage_manager | 5.5.0 | Yes |