CVE-2011-2330

Name of the Vulnerable Software and Affected Versions IBM Tivoli Management Framework versions 3.7.1, 4.1, 4.1.1, and 4.3.1

Description The issue concerns an unspecified built-in account in Tivoli Endpoint that can be trivially accessed. This makes it easier for remote attackers to send requests to restricted pages via a session on TCP port 9495.

Recommendations For versions 3.7.1, 4.1, 4.1.1, and 4.3.1, restrict access to TCP port 9495 to minimize the risk of exploitation. As a temporary workaround, consider restricting access to restricted pages until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.