#VU232 Flexera InstallAnywhere untrusted DLL search path in IBM Tivoli Storage Manager Administration Center


Published: 2016-07-29

Vulnerability identifier: #VU232

Vulnerability risk: High

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-4560

CWE-ID: CWE-427

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
IBM Tivoli Storage Manager Administration Center
Server applications / File servers (FTP/HTTP)

Vendor: IBM Corporation

Description
The vulnerability allows a local user to obtain elevated privileges on the target system.

The vulnerability exists due to an untrusted search path. A local user can gain elevated privileges on the system using a Trojan horse DLL in the current working directory of a setup-launcher executable file.

Successful exploitation of this vulnerability may result in arbitrary code execution on the local system.
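The weakness described above (CWE-427) is that the setup launcher resolves a library by name and the current working directory or launcher directory is consulted before a trusted location, so a planted DLL with the right name is loaded instead. A practical pre-launch check, written here as an added example that is not part of the advisory or of IBM's or Flexera's software, is to enumerate the DLLs sitting beside the launcher and in the current directory and verify their Authenticode signatures before running the installer. The launcher path, the expected publisher string and the exit-code convention are assumptions.

```powershell
# Added example (not from the advisory): pre-launch check for untrusted DLLs
# in the two directories a setup launcher is likely to search first.
# $LauncherPath and $ExpectedPublisher are assumed inputs.
param(
    [Parameter(Mandatory = $true)]
    [string]$LauncherPath,              # e.g. C:\Users\me\Downloads\setup.exe (assumed)
    [string]$ExpectedPublisher = 'IBM'  # assumed substring expected in the signer subject
)

# Directories checked: the launcher's own directory and the current working directory.
$launcherDir = Split-Path -Path (Resolve-Path -Path $LauncherPath) -Parent
$dirs = @($launcherDir, (Get-Location).Path) | Select-Object -Unique

$findings = foreach ($dir in $dirs) {
    Get-ChildItem -Path $dir -Filter '*.dll' -File -ErrorAction SilentlyContinue | ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.FullName
        $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        [pscustomobject]@{
            Directory  = $dir
            Dll        = $_.Name
            Status     = $sig.Status
            Signer     = $subject
            # Unsigned, tampered, or signed by someone other than the expected publisher.
            Suspicious = ($sig.Status -ne 'Valid') -or
                         ($subject -notmatch [regex]::Escape($ExpectedPublisher))
        }
    }
}

$findings | Format-Table -AutoSize

if ($findings | Where-Object { $_.Suspicious }) {
    Write-Warning ('Unsigned or unexpected DLLs found in {0}. Move the launcher to a clean, ' +
                   'non-writable directory and run it from there.') -f ($dirs -join ', ')
    exit 1
}
Write-Host 'No unexpected DLLs found beside the launcher or in the current directory.'
exit 0
```

Run the script from the directory you intend to launch the installer from, e.g. `.\Check-LauncherDlls.ps1 -LauncherPath .\setup.exe`. A non-zero exit code means a DLL that the launcher could pick up is unsigned or carries an unexpected signer; the corrective action is the one the advisory's mitigation implies for administrators who cannot upgrade immediately: copy the launcher into a freshly created directory that non-administrative users cannot write to and start it from there, so that neither the launcher directory nor the current working directory contains attacker-controlled files.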

Mitigation
Install the latest version: 6.3.6.

Vulnerable software versions

IBM Tivoli Storage Manager Administration Center: 6.1 - 6.3.0.0


External links
http://www-01.ibm.com/support/docview.wss?uid=swg21985483


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
