CVE-2013-2974

2014-01-29T05:37:00
ID CVE-2013-2974
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:33:00

Description

The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration privileges, and consequently create or delete reports or conduct SQL injection attacks, via crafted parameters to the BIRT reporting URL.