Security readout for executives and security teams
This issue affects older IBM Tivoli Storage Manager servers when HTTP communication is enabled. Remote HTTP traffic can make the server crash or hang, disrupting backup and storage management operations. The bundle does not show active exploitation or a CVSS score. Exposure is likely limited to legacy IBM TSM deployments that still run affected versions and have the HTTP communication method enabled. Internet exposure would increase business risk, but the source bundle does not confirm typical deployment patterns. Prioritize if IBM TSM is still used for business-critical backup or recovery workflows. A successful denial of service could interrupt backup operations and complicate recovery readiness, but available sources do not support emergency treatment for active exploitation. Mitigation focus: Upgrade affected TSM branches to the fixed versions listed in the CVE record.; Check IBM support advisories for version-specific remediation guidance.; Disable or restrict HTTP communication only if IBM guidance and operations allow it..
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
CVE-2004-2762 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
Open ATT&CK lookup- Severity
- Unknown
- CVSS
- Not scored
- Known Exploited
- No
- Published
CNA and ADP enrichment extracted from CVE v5
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
CVSS and timeline data
No CVSS vectors or timeline events were available in the normalized CVE source material.
Source materials
- CVE List V5 sourceCVE List V5
- tsm-http-dos(49535)CVE reference · vdb-entry, x_refsource_XF
Products and packages named in the record
CWE details
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
