CVE-2014-6141

Name of the Vulnerable Software and Affected Versions IBM Tivoli Monitoring (ITM) versions 6.2.0 through 6.2.3, 6.3.0 before FP04

Description The issue allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands. This is achieved by leveraging Take Action view authority to modify in-progress commands.

Recommendations For IBM Tivoli Monitoring (ITM) versions 6.2.0 through 6.2.3, update to a version after FP03, FP04, FP09, and FP05 respectively to resolve the issue. For IBM Tivoli Monitoring (ITM) version 6.3.0, update to FP04 or later to resolve the issue.