PT-2014-6107 · Ibm · Ibm Maximo Asset Management
Publicado
2014-10-02
·
Atualizado
2017-08-29
·
CVE-2014-4765
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Maximo Asset Management versions 7.1 through 7.1.1.13
IBM Maximo Asset Management versions 7.5 through 7.5.0.6
IBM Maximo Asset Management versions 7.5.0 through 7.5.0.3 for SmartCloud Control Desk
IBM Maximo Asset Management versions 7.5.1 through 7.5.1.2 for SmartCloud Control Desk
IBM Maximo Asset Management version 7.1 for Tivoli IT Asset Management for IT
IBM Maximo Asset Management version 7.2 for Tivoli IT Asset Management for IT
Description
The issue allows remote attackers to obtain sensitive directory information by reading an unspecified error message.
Recommendations
For IBM Maximo Asset Management versions 7.1 through 7.1.1.13, update to a version outside of this range.
For IBM Maximo Asset Management versions 7.5 through 7.5.0.6, update to a version outside of this range.
For IBM Maximo Asset Management versions 7.5.0 through 7.5.0.3 for SmartCloud Control Desk, update to a version outside of this range.
For IBM Maximo Asset Management versions 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, update to a version outside of this range.
For IBM Maximo Asset Management version 7.1 for Tivoli IT Asset Management for IT, update to a version outside of this range.
For IBM Maximo Asset Management version 7.2 for Tivoli IT Asset Management for IT, update to a version outside of this range.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Maximo Asset Management