CVE-2016-5934

HIGH

IBM Tivoli Storage Manager FastBack - RCE

Title source: llm
STIX 2.1

Description

IBM Tivoli Storage Manager FastBack installer could allow a remote attacker to execute arbitrary code on the system. By placing a specially-crafted DLL in the victim's path, an attacker could exploit this vulnerability when the installer is executed to run arbitrary code on the system with privileges of the victim.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/92614
Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21988908

Scores

CVSS v3 7.3
EPSS 0.0092
EPSS Percentile 76.2%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-264
Status published
Products (34)
ibm/tivoli_storage_manager_fastback
IBM Corporation/Tivoli Storage Manager FastBack 3.5.604
IBM Corporation/Tivoli Storage Manager FastBack 3.5.705
IBM Corporation/Tivoli Storage Manager FastBack 3.5.801
IBM Corporation/Tivoli Storage Manager FastBack 3.5.802
IBM Corporation/Tivoli Storage Manager FastBack 3.5.804
IBM Corporation/Tivoli Storage Manager FastBack 5.5
IBM Corporation/Tivoli Storage Manager FastBack 5.5.0
IBM Corporation/Tivoli Storage Manager FastBack 5.5.1
IBM Corporation/Tivoli Storage Manager FastBack 5.5.2
... and 24 more
Published Feb 08, 2017
Tracked Since Feb 18, 2026