NVD

Id
39671  
Name
CVE-2013-3976  
Description
The (1) Data Protection for Exchange component 6.1 before 6.1.3.4 and 6.3 before 6.3.1 in IBM Tivoli Storage Manager for Mail and the (2) FlashCopy Manager for Exchange component 2.2 and 3.1 before 3.1.1 in IBM Tivoli Storage FlashCopy Manager do not properly constrain mailbox contents during certain PST restore operations, which allows remote authenticated users to read the personal e-mail of other users in opportunistic circumstances by launching an e-mail client after an administrator performs a multiple-mailbox restore.  
Reject
 
CVSS Version
2  
CVSS Score
2.1  
Severity
Low  
CVSS Base Score
2.1  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:N/AC:H/Au:S/C:P/I:N/A:N)  
Pub Date
2017-01-18  
Published
2014-03-26  
Modified Date
2014-03-26  
Seq
2013-3976  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
201871 39671 CVE-2013-3976 IC81223  View
201872 39671 CVE-2013-3976 http://www-01.ibm.com/support/docview.wss?uid=swg21644407  View
201873 39671 CVE-2013-3976 tsm-cve20133976-info-disclosure(84881)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
24682 JVNDB-2013-006257 IBM Tivoli Storage Manager for Mail および Tivoli Storage FlashCopy Manager における他のユーザの電子メールを読まれる脆弱性 IBM Tivoli Storage Manager for Mail の (1) Data Protection for Exchange コンポーネントおよび Tivoli Storage FlashCopy Manager の (2) FlashCopy Manager for Exchange コンポーネントは、特定の PST ファイルのリストア操作中にメールボックスのコンテンツを適切に制限しないため、他のユーザの個人的な電子メールを読まれる脆弱性が存在します。 CVE-2013-3976 63918 CVE-2013-3976 39671 2.1 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-006257.html 2013-07-19 2014-03-27 View