Back
CVE-2015-8521
CRITICAL
Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8520, and CVE-2015-8522.
Published: Apr 5, 2016
Modified: May 6, 2026
CWE-119
CVSS Metrics
CVSSv3
Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products (35)
| Vendor | Product | Version |
|---|---|---|
| ibm | tivoli_storage_manager_fastback | 5.5.0 |
| ibm | tivoli_storage_manager_fastback | 6.1.0 |
| ibm | tivoli_storage_manager_fastback | 6.1.0.1 |
| ibm | tivoli_storage_manager_fastback | 6.1.1 |
| ibm | tivoli_storage_manager_fastback | 6.1.1.0 |
| ibm | tivoli_storage_manager_fastback | 6.1.2 |
| ibm | tivoli_storage_manager_fastback | 6.1.2.0 |
| ibm | tivoli_storage_manager_fastback | 6.1.3 |
| ibm | tivoli_storage_manager_fastback | 6.1.3.0 |
| ibm | tivoli_storage_manager_fastback | 6.1.4 |
| ibm | tivoli_storage_manager_fastback | 6.1.4.0 |
| ibm | tivoli_storage_manager_fastback | 6.1.5 |
| ibm | tivoli_storage_manager_fastback | 6.1.5.0 |
| ibm | tivoli_storage_manager_fastback | 6.1.5.2 |
| ibm | tivoli_storage_manager_fastback | 6.1.6 |
| ibm | tivoli_storage_manager_fastback | 6.1.6.0 |
| ibm | tivoli_storage_manager_fastback | 6.1.6.1 |
| ibm | tivoli_storage_manager_fastback | 6.1.6.2 |
| ibm | tivoli_storage_manager_fastback | 6.1.7 |
| ibm | tivoli_storage_manager_fastback | 6.1.7.0 |
…and 15 more
References (4)
Risk Scores
CVSS Score
9.8 / 10
EPSS Score
8.91%
Top 7% most likely to be exploited
Threat Score
41.9 / 100
Data Sources
NVD
EPSS