|Date: (C)2008-10-30 (M)2017-08-08|
|CVSS Score: 10.0||Access Vector: NETWORK|
|Exploitability Subscore: 10.0||Access Complexity: LOW|
|Impact Subscore: 10.0||Authentication: NONE|
| ||Confidentiality: COMPLETE|
| ||Integrity: COMPLETE|
| ||Availability: COMPLETE|
Heap-based buffer overflow in the Data Protection for SQL CAD service (aka dsmcat.exe) in the Client Acceptor Daemon (CAD) and the scheduler in the Backup-Archive client 188.8.131.52 through 184.108.40.206, 220.127.116.11 through 18.104.22.168, 22.214.171.124 through 126.96.36.199, 188.8.131.52 through 184.108.40.206, and 220.127.116.11 through 18.104.22.168 in IBM Tivoli Storage Manager (TSM); and the Backup-Archive client in TSM Express; allows remote attackers to execute arbitrary code by sending a large amount of crafted data to a TCP port.