CVE-2014-3915 Information
Feb 14, 2021
cve
Description
The userRequest servlet in the Admin Center for Tivoli Storage Manager in Rocket Servergraph allows remote attackers to execute arbitrary commands via a (1) auth (2) auth_session (3) auth_simple (4) add (5) add_flat (6) remove (7) set_pwd (8) add_permissions (9) revoke_permissions (10) runAsync or (11) tsmRequest command.
Reference
http://www.securityfocus.com/bid/67780 http://www.zerodayinitiative.com/advisories/ZDI-14-164/
Share on: