CVE-2020-28198

low-risk
Published 2021-05-06

The 'id' parameter of IBM Tivoli Storage Manager Version 5 Release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow. Note: the vulnerability can be exploited when it is used in "interactive" mode while, cause of a max number characters limitation, it cannot be exploited in batch or command line usage (e.g. dsmadmc.exe -id=username -password=pwd). NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Do I need to act?

-
0.10% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.0/10 High
LOCAL / HIGH complexity

Affected Products (1)

Affected Vendors

Ibm

References (4)

Exploit https://github.com/VoidSec/Exploit-Development/blob/master/windows/x86/local/IBM...
Exploit https://voidsec.com/tivoli-madness/#IBM_Tivoli_Storage_Manager
Exploit https://github.com/VoidSec/Exploit-Development/blob/master/windows/x86/local/IBM...
Exploit https://voidsec.com/tivoli-madness/#IBM_Tivoli_Storage_Manager
23
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal