IT04252: CONFIDENTIAL DATA EXPOSURE WHEN RESTORING MICROSOFT EXCHANGE MAILBOXES WHICH HAVE THE SAME ALIAS DEFINED CVE-2015-4950

APAR status

Closed as program error.

Error description

*VULNERABILITY SUMMARY*

In environments with duplicated mailbox aliases, Tivoli
Storage Manager FastBack for Microsoft Exchange may open
and restore the wrong mailbox.

*VULNERABILITY DETAILS*

Tivoli Storage Manager FastBack for Microsoft Exchange could
allow a local user with elevated privileges to obtain sensitive
information by manipulating mailbox names that share the same
alias.

For example:

Mailbox Display Name Alias
mailbox1             sales
mailbox2             sales

When two mailboxes have the same alias, users may encounter the
following problems when using affected software:

-the Mailbox Restore Browser interface may populate mailboxes
with the folders and messages from a different mailbox than the
one intended

- restoring a mailbox via the CLI interface, using the alias
instead of the mailbox display name, may restore a different
mailbox than the one intended

- the mailbox history may not correctly represent the mailboxes
that share the same alias

- the wrong mailbox may be opened when using the "Open
Mailbox" function. Subsequently, folders and messages
could be restored to that incorrect mailbox.

Local fix

Use the Exchange Management Console or Powershell commands to
rename the duplicated mailbox alias to a unique value.

Problem summary

****************************************************************
USERS AFFECTED
.
All users of :
.
- Tivoli Storage Manager FastBack for Microsoft Exchange Server
6.1
.
who have more than one mailbox display name using the same
alias.
****************************************************************
PROBLEM DESCRIPTION
.
See ERROR DESCRIPTION
.
For additional details, refer to the security bulleting
published here: http://www.ibm.com/support/docview.wss?
uid=swg21963629
****************************************************************
RECOMENDATION:
.
This fix is available in Tivoli Storage Manager FastBack for
Microsoft Exchange 6.1.5.4.
****************************************************************

Problem conclusion

Tivoli Storage Manager FastBack for Microsoft Exchange has been
updated to correctly handle restore mailboxes have duplicated
aliases.

Temporary fix

Comments

APAR Information

APAR number
IT04252
Reported component name
TDP EXCHANGE WI
Reported component ID
5698DPXAP
Reported release
71W
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2014-09-07
Closed date
2014-09-07
Last modified date
2015-08-11

APAR is sysrouted FROM one or more of the following:

IT04251
APAR is sysrouted TO one or more of the following:

Modules/Macros

```
FEBCC
```

Fix information

Fixed component name
TDP EXCHANGE WI
Fixed component ID
5698DPXAP

Applicable component levels

R71W PSY
UP
R64W PSY
UP
R63W PSY
UP

[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSTG2D","label":"Tivoli Storage Manager for Mail"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"71W","Edition":"","Line of Business":{"code":"LOB26","label":"Storage"}}]

Document Information

Modified date:
11 August 2015

Tips

IT04252: CONFIDENTIAL DATA EXPOSURE WHEN RESTORING MICROSOFT EXCHANGE MAILBOXES WHICH HAVE THE SAME ALIAS DEFINED CVE-2015-4950

Subscribe

APAR status

Closed as program error.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

Fix information

Fixed component name

Fixed component ID

Applicable component levels

R71W PSY

R64W PSY

R63W PSY

Document Information

Share your feedback

Need support?