{"api_version":"1","generated_at":"2026-05-14T02:05:29+00:00","cve":"CVE-2012-4859","urls":{"html":"https://cve.report/CVE-2012-4859","api":"https://cve.report/api/cve/CVE-2012-4859.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2012-4859","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2012-4859"},"summary":{"title":"CVE-2012-4859","description":"Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown vectors.","state":"PUBLISHED","assigner":"ibm","published_at":"2012-12-21 11:47:36","updated_at":"2026-04-29 01:13:23"},"problem_types":["NVD-CWE-noinfo","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.2","severity":"","vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21615292","name":"http://www-01.ibm.com/support/docview.wss?uid=swg21615292","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"IBM Security Bulletin: Two unauthorized access vulnerabilities in IBM TSM for Space Management (CVE-2012-4859 and CVE-2012-5954). - United States","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/79843","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/79843","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC87006","name":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC87006","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"IBM notice: The page you requested cannot be displayed","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2012-4859","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4859","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2012","cve_id":"4859","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"tivoli_storage_manager_for_space_management","cpe6":"6.1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"4859","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"tivoli_storage_manager_for_space_management","cpe6":"6.3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"4859","vulnerable":"1","versionEndIncluding":"6.2.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"tivoli_storage_manager_for_space_management","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T20:50:17.408Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"tsm-user-privilege-escalation(79843)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/79843"},{"name":"IC87006","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC87006"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21615292"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2012-12-19T00:00:00.000Z","descriptions":[{"lang":"en","value":"Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown vectors."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-08-28T12:57:01.000Z","orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm"},"references":[{"name":"tsm-user-privilege-escalation(79843)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/79843"},{"name":"IC87006","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC87006"},{"tags":["x_refsource_CONFIRM"],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21615292"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@us.ibm.com","ID":"CVE-2012-4859","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown vectors."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"tsm-user-privilege-escalation(79843)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/79843"},{"name":"IC87006","refsource":"AIXAPAR","url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC87006"},{"name":"http://www-01.ibm.com/support/docview.wss?uid=swg21615292","refsource":"CONFIRM","url":"http://www-01.ibm.com/support/docview.wss?uid=swg21615292"}]}}}},"cveMetadata":{"assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","assignerShortName":"ibm","cveId":"CVE-2012-4859","datePublished":"2012-12-21T11:00:00.000Z","dateReserved":"2012-09-06T00:00:00.000Z","dateUpdated":"2024-08-06T20:50:17.408Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2012-12-21 11:47:36","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["NVD-CWE-noinfo","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:*:*:*:*:*:*:*:*","versionEndIncluding":"6.2.0","matchCriteriaId":"A149A541-ACAF-4D32-BA49-CEC5F2A3A77D"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.1.0:*:*:*:*:*:*:*","matchCriteriaId":"F2DC71CA-97C2-46EF-8082-2056F4D3BB2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:tivoli_storage_manager_for_space_management:6.3.0:*:*:*:*:*:*:*","matchCriteriaId":"1D1030A8-2770-49BF-93EC-8C2FB08C3FCA"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2012","CveId":"4859","Ordinal":"1","Title":"CVE-2012-4859","CVE":"CVE-2012-4859","Year":"2012"},"notes":[{"CveYear":"2012","CveId":"4859","Ordinal":"1","NoteData":"Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown vectors.","Type":"Description","Title":"CVE-2012-4859"},{"CveYear":"2012","CveId":"4859","Ordinal":"2","NoteData":"2012-12-21","Type":"Other","Title":"Published"},{"CveYear":"2012","CveId":"4859","Ordinal":"3","NoteData":"2017-08-28","Type":"Other","Title":"Modified"}]}}}