VYPR
Get started
← All advisories
Medium severity5.5NVD Advisory· Published Oct 5, 2017· Updated May 13, 2026

CVE-2017-1301

CVE-2017-1301

Description

IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM Spectrum Protect Backup-archive Client creates temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. IBM X-Force ID: 125163.

Affected products

63
  • IBM/Tivoli Storage Manager62 versions
    cpe:2.3:a:ibm:tivoli_storage_manager:6.1:*:*:*:*:*:*:*+ 61 more
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.1.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.3.6.100:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.100:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.200:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.500:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.600:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:6.4.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.100:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.200:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.300:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.000:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.100:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1..5.100:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.5.200:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:7.1.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:8.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_storage_manager:8.1.0.2:*:*:*:*:*:*:*
  • IBM/Spectrum Protectv5
    Range: 7.1

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.