PT-2015-4130 · Ibm · Tivoli Asset Discovery For Distributed+2

Vincent Ruijter

Published

2015-05-25

Updated

2015-05-26

CVE-2014-8926

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions IBM License Metric Tool versions prior to 2.7.0.2050 Endpoint Manger for Software Use Analysis version 9 Tivoli Asset Discovery for Distributed versions 7.2.2 and 7.5

Description The issue allows remote attackers to cause a denial of service, resulting in CPU consumption or application crash, via a crafted XML query.

Recommendations For IBM License Metric Tool, update to version 2.7.0.2050 or later. For Endpoint Manger for Software Use Analysis version 9, at the moment, there is no information about a newer version that contains a fix for this issue. For Tivoli Asset Discovery for Distributed versions 7.2.2 and 7.5, at the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2014-8926

Affected Products

Ibm Endpoint Manager For Software Use Analysis

Ibm License Metric Tool

Tivoli Asset Discovery For Distributed

PT-2015-4130 · Ibm · Tivoli Asset Discovery For Distributed+2

CVE-2014-8926

Weakness Enumeration

Related Identifiers

Affected Products

References · 2