CVE-2015-0104

Name of the Vulnerable Software and Affected Versions IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database versions 7.1 through 7.1.1.8 and 7.2 Maximo Asset Management and Maximo Industry Solutions versions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX003, and 7.6 before 7.6.0.0 IFIX002

Description The issue allows remote authenticated users to execute arbitrary code via unspecified vectors.

Recommendations For IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database versions 7.1 through 7.1.1.8, update to a version outside of the affected range. For IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database version 7.2, update to a version outside of the affected range. For Maximo Asset Management and Maximo Industry Solutions versions 7.1 through 7.1.1.8, update to a version outside of the affected range. For Maximo Asset Management and Maximo Industry Solutions version 7.5, apply 7.5.0.7 IFIX003 or later. For Maximo Asset Management and Maximo Industry Solutions version 7.6, apply 7.6.0.0 IFIX002 or later.