Lucene search

IbmCVE-2012-2185

HistorySep 10, 2012 - 5:55 p.m.

CVE-2012-2185

2012-09-1017:55:01

CWE-200

ibm

web.nvd.nist.gov

ibm

maximo

asset management

security

vulnerability

cve-2012-2185

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

0.002

Percentile

61.0%

JSON

IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to obtain sensitive information via unspecified vectors.

Affected configurations

Nvd

Node

ibmchange_and_configuration_management_databaseMatch6.0

ibmchange_and_configuration_management_databaseMatch7.0

ibmmaximo_asset_managementMatch6.2.0.0

ibmmaximo_asset_managementMatch7.1.0.0

ibmmaximo_asset_managementMatch7.5.0.0

ibmmaximo_service_deskMatch6.2

ibmsmartcloud_control_deskMatch7.0

ibmtivoli_asset_management_for_itMatch6.0

ibmtivoli_asset_management_for_itMatch6.2

ibmtivoli_asset_management_for_itMatch7.0

ibmtivoli_asset_management_for_itMatch7.1

ibmtivoli_asset_management_for_itMatch7.2

ibmtivoli_service_request_managerMatch7.0

VendorProductVersionCPE
ibmchange_and_configuration_management_database6.0cpe:2.3:a:ibm:change_and_configuration_management_database:6.0:*:*:*:*:*:*:*
ibmchange_and_configuration_management_database7.0cpe:2.3:a:ibm:change_and_configuration_management_database:7.0:*:*:*:*:*:*:*
ibmmaximo_asset_management6.2.0.0cpe:2.3:a:ibm:maximo_asset_management:6.2.0.0:*:*:*:*:*:*:*
ibmmaximo_asset_management7.1.0.0cpe:2.3:a:ibm:maximo_asset_management:7.1.0.0:*:*:*:*:*:*:*
ibmmaximo_asset_management7.5.0.0cpe:2.3:a:ibm:maximo_asset_management:7.5.0.0:*:*:*:*:*:*:*
ibmmaximo_service_desk6.2cpe:2.3:a:ibm:maximo_service_desk:6.2:*:*:*:*:*:*:*
ibmsmartcloud_control_desk7.0cpe:2.3:a:ibm:smartcloud_control_desk:7.0:*:*:*:*:*:*:*
ibmtivoli_asset_management_for_it6.0cpe:2.3:a:ibm:tivoli_asset_management_for_it:6.0:*:*:*:*:*:*:*
ibmtivoli_asset_management_for_it6.2cpe:2.3:a:ibm:tivoli_asset_management_for_it:6.2:*:*:*:*:*:*:*
ibmtivoli_asset_management_for_it7.0cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	change_and_configuration_management_database	6.0	cpe:2.3:a:ibm:change_and_configuration_management_database:6.0:::::::*
ibm	change_and_configuration_management_database	7.0	cpe:2.3:a:ibm:change_and_configuration_management_database:7.0:::::::*
ibm	maximo_asset_management	6.2.0.0	cpe:2.3:a:ibm:maximo_asset_management:6.2.0.0:::::::*
ibm	maximo_asset_management	7.1.0.0	cpe:2.3:a:ibm:maximo_asset_management:7.1.0.0:::::::*
ibm	maximo_asset_management	7.5.0.0	cpe:2.3:a:ibm:maximo_asset_management:7.5.0.0:::::::*
ibm	maximo_service_desk	6.2	cpe:2.3:a:ibm:maximo_service_desk:6.2:::::::*
ibm	smartcloud_control_desk	7.0	cpe:2.3:a:ibm:smartcloud_control_desk:7.0:::::::*
ibm	tivoli_asset_management_for_it	6.0	cpe:2.3:a:ibm:tivoli_asset_management_for_it:6.0:::::::*
ibm	tivoli_asset_management_for_it	6.2	cpe:2.3:a:ibm:tivoli_asset_management_for_it:6.2:::::::*
ibm	tivoli_asset_management_for_it	7.0	cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.0:::::::*

Rows per page:

1-10 of 131

References

osvdb.org/85183

secunia.com/advisories/50551

www-01.ibm.com/support/docview.wss?uid=swg1IV17942

www-01.ibm.com/support/docview.wss?uid=swg21610081

exchange.xforce.ibmcloud.com/vulnerabilities/75784

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

0.002

Percentile

61.0%

JSON

Related for CVE-2012-2185