Vigil@nce - IBM Tivoli Storage Manager: information disclosure via symbolic links
September 2016 by Vigil@nce
This bulletin was written by Vigil@nce: https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can submit symbolic links to IBM Tivoli Storage
Manager, in order to get access to sensitive backups.
Impacted products: Tivoli Storage Manager.
Severity: 2/4.
Creation date: 01/07/2016.
DESCRIPTION OF THE VULNERABILITY
The IBM Tivoli Storage Manager product provides a way to request
creation and download of backup archives.
There are access rules to protect the archives. However, a local
attacker can request an archive using a symbolic link instead of
the real path in order to bypass the access rules.
A local attacker can therefore submit symbolic links to IBM
Tivoli Storage Manager, in order to get access to sensitive
backups.
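The class of flaw described above, as an added example that is not IBM's or Vigil@nce's code: an access rule applied to the path as submitted accepts a symbolic link, while the same rule applied to the resolved path rejects it. The path-prefix rule, the function names and the directory layout are assumptions constructed for illustration.

```python
import os
import tempfile

def naive_is_allowed(requested, allowed_root):
    """Weak check: tests the path string as submitted, never resolving links."""
    requested = os.path.abspath(requested)
    return os.path.commonpath([requested, allowed_root]) == allowed_root

def resolved_is_allowed(requested, allowed_root):
    """Hardened check: resolve every symlink first, then apply the access rule."""
    real = os.path.realpath(requested)
    root = os.path.realpath(allowed_root)
    return os.path.commonpath([real, root]) == root

def open_checked(requested, allowed_root):
    """Open only when the resolved path is allowed."""
    if not resolved_is_allowed(requested, allowed_root):
        raise PermissionError(requested)
    # O_NOFOLLOW refuses a link swapped in as the last component after the check.
    fd = os.open(requested, os.O_RDONLY | os.O_NOFOLLOW)
    return os.fdopen(fd, "rb")

def demo():
    """Constructed layout: a user area, a restricted archive, a link between them."""
    base = os.path.realpath(tempfile.mkdtemp())
    user_area = os.path.join(base, "user_area")
    restricted = os.path.join(base, "restricted")
    os.mkdir(user_area)
    os.mkdir(restricted)
    secret = os.path.join(restricted, "archive.bak")
    with open(secret, "wb") as f:
        f.write(b"constructed sample data")
    link = os.path.join(user_area, "mine.bak")   # looks like a file in user_area
    os.symlink(secret, link)                     # but points at the restricted archive
    own = os.path.join(user_area, "own.bak")
    with open(own, "wb") as f:
        f.write(b"own data")
    return {
        "user_area": user_area, "link": link, "own": own,
        "naive_link": naive_is_allowed(link, user_area),
        "resolved_link": resolved_is_allowed(link, user_area),
        "resolved_own": resolved_is_allowed(own, user_area),
    }

if __name__ == "__main__":
    print(demo())
```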