PT-2015-4131 · Ibm · Tivoli Asset Discovery For Distributed+2
Vincent Ruijter
·
Published
2015-05-25
·
Updated
2015-05-26
·
CVE-2014-8927
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
IBM License Metric Tool versions 7.2.2 through 9 before 2.7.0.2050
Endpoint Manger for Software Use Analysis version 9
Tivoli Asset Discovery for Distributed versions 7.2.2 through 7.5
Description
The issue allows remote attackers to cause a denial of service, resulting in CPU consumption or application crash, via a crafted XML query.
Recommendations
For IBM License Metric Tool versions 7.2.2 through 9, update to version 2.7.0.2050 or later.
For Endpoint Manger for Software Use Analysis version 9, update to a version that includes the fix for this issue.
For Tivoli Asset Discovery for Distributed versions 7.2.2 through 7.5, update to a version that includes the fix for this issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Endpoint Manager For Software Use Analysis
Ibm License Metric Tool
Tivoli Asset Discovery For Distributed