Advisory for CVE-2020-28054 & stack-based buffer overflow in IBM Tivoli Storage Manager

# Tivoli-Madness
Advisory for:
+ CVE-2020-28054: an authorization bypass vulnerability affecting JamoDat TSMManager Collector versions <= 6.5.0.21
+ A stack-based buffer overflow affecting IBM Tivoli Storage Manager (Command Line Administrative Interface) Version 5, Release 2, Level 0.1.
Unfortunately, after I had one of the rudest encounters with a HackerOne triager, these are the takeaways:
+ IBM Tivoli Storage Manager has reached its end of life support and will not be patched.
+ No CVE number was released.
+ I cannot verify whether this vulnerability also affects the newer IBM Spectrum Protect, so good luck with that.
### You can read more at: [https://voidsec.com/tivoli-madness](https://voidsec.com/tivoli-madness)
```text
[4.0K] /data/pocs/0086a1df941aab6fcbd36af649ab1e389b60c8d2
├── [1.4K] CreateProcessPoC.cpp
├── [4.0K] IBM - ITSM Administrator Client
│   ├── [1.0M] IBM_ITSM_Administrator_Client_v.5.2.0.1.zip
│   └── [7.2K] IBM_TSM_v.5.2.0.1_exploit.py
├── [4.0K] JamoDat - TSMManager
│   ├── [1.6K] TSM_Client.py
│   ├── [ 13M] TSMmgr_client_patched.exe
│   ├── [ 19M] TSMMgr_Collector_v.6.3.exe
│   └── [7.1M] TSMMgr_Viewer_v.6.3.exe
└── [ 741] README.md

2 directories, 8 files
```