Lucene search

IbmCVE-2014-4765

HistoryOct 02, 2014 - 12:55 a.m.

CVE-2014-4765

2014-10-0200:55:03

CWE-200

ibm

web.nvd.nist.gov

ibm

maximo asset management

cve-2014-4765

vulnerability

directory information disclosure

remote attack

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.002

Percentile

54.9%

JSON

IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5 through 7.5.0.6, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 and 7.2 for Tivoli IT Asset Management for IT and certain other products allow remote attackers to obtain sensitive directory information by reading an unspecified error message.

Affected configurations

Nvd

Node

ibmchange_and_configuration_management_databaseMatch7.1

ibmchange_and_configuration_management_databaseMatch7.2

ibmmaximo_asset_managementMatch7.1

ibmmaximo_asset_managementMatch7.1.1

ibmmaximo_asset_managementMatch7.1.1.1

ibmmaximo_asset_managementMatch7.1.1.2

ibmmaximo_asset_managementMatch7.1.1.5

ibmmaximo_asset_managementMatch7.1.1.6

ibmmaximo_asset_managementMatch7.1.1.7

ibmmaximo_asset_managementMatch7.1.1.8

ibmmaximo_asset_managementMatch7.1.1.9

ibmmaximo_asset_managementMatch7.1.1.10

ibmmaximo_asset_managementMatch7.1.1.11

ibmmaximo_asset_managementMatch7.1.1.12

ibmmaximo_asset_managementMatch7.1.1.13

ibmmaximo_asset_managementMatch7.1.2

ibmmaximo_asset_managementMatch7.5.0.0

ibmmaximo_asset_managementMatch7.5.0.1

ibmmaximo_asset_managementMatch7.5.0.2

ibmmaximo_asset_managementMatch7.5.0.3

ibmmaximo_asset_managementMatch7.5.0.4

ibmmaximo_asset_managementMatch7.5.0.5

ibmmaximo_asset_managementMatch7.5.0.6

ibmmaximo_asset_managementMatch7.5.0.10

ibmmaximo_asset_management_essentialsMatch7.1

ibmmaximo_asset_management_essentialsMatch7.5.0.0

ibmmaximo_for_governmentMatch7.1

ibmmaximo_for_governmentMatch7.5.0.0

ibmmaximo_for_life_sciencesMatch7.1

ibmmaximo_for_life_sciencesMatch7.5.0.0

ibmmaximo_for_nuclear_powerMatch7.1

ibmmaximo_for_nuclear_powerMatch7.5.0.0

ibmmaximo_for_oil_and_gasMatch7.1

ibmmaximo_for_oil_and_gasMatch7.5.0.0

ibmmaximo_for_transportationMatch7.1

ibmmaximo_for_transportationMatch7.5.0.0

ibmmaximo_for_utilitiesMatch7.1

ibmmaximo_for_utilitiesMatch7.5.0.0

ibmsmartcloud_control_deskMatch7.5.0.1

ibmsmartcloud_control_deskMatch7.5.0.2

ibmsmartcloud_control_deskMatch7.5.0.3

ibmsmartcloud_control_deskMatch7.5.0.5

ibmsmartcloud_control_deskMatch7.5.1.0

ibmsmartcloud_control_deskMatch7.5.1.1

ibmtivoli_asset_management_for_itMatch7.1

ibmtivoli_asset_management_for_itMatch7.2

ibmtivoli_service_request_managerMatch7.1

ibmtivoli_service_request_managerMatch7.2

VendorProductVersionCPE
ibmchange_and_configuration_management_database7.1cpe:2.3:a:ibm:change_and_configuration_management_database:7.1:*:*:*:*:*:*:*
ibmchange_and_configuration_management_database7.2cpe:2.3:a:ibm:change_and_configuration_management_database:7.2:*:*:*:*:*:*:*
ibmmaximo_asset_management7.1cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*
ibmmaximo_asset_management7.1.1cpe:2.3:a:ibm:maximo_asset_management:7.1.1:*:*:*:*:*:*:*
ibmmaximo_asset_management7.1.1.1cpe:2.3:a:ibm:maximo_asset_management:7.1.1.1:*:*:*:*:*:*:*
ibmmaximo_asset_management7.1.1.2cpe:2.3:a:ibm:maximo_asset_management:7.1.1.2:*:*:*:*:*:*:*
ibmmaximo_asset_management7.1.1.5cpe:2.3:a:ibm:maximo_asset_management:7.1.1.5:*:*:*:*:*:*:*
ibmmaximo_asset_management7.1.1.6cpe:2.3:a:ibm:maximo_asset_management:7.1.1.6:*:*:*:*:*:*:*
ibmmaximo_asset_management7.1.1.7cpe:2.3:a:ibm:maximo_asset_management:7.1.1.7:*:*:*:*:*:*:*
ibmmaximo_asset_management7.1.1.8cpe:2.3:a:ibm:maximo_asset_management:7.1.1.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	change_and_configuration_management_database	7.1	cpe:2.3:a:ibm:change_and_configuration_management_database:7.1:::::::*
ibm	change_and_configuration_management_database	7.2	cpe:2.3:a:ibm:change_and_configuration_management_database:7.2:::::::*
ibm	maximo_asset_management	7.1	cpe:2.3:a:ibm:maximo_asset_management:7.1:::::::*
ibm	maximo_asset_management	7.1.1	cpe:2.3:a:ibm:maximo_asset_management:7.1.1:::::::*
ibm	maximo_asset_management	7.1.1.1	cpe:2.3:a:ibm:maximo_asset_management:7.1.1.1:::::::*
ibm	maximo_asset_management	7.1.1.2	cpe:2.3:a:ibm:maximo_asset_management:7.1.1.2:::::::*
ibm	maximo_asset_management	7.1.1.5	cpe:2.3:a:ibm:maximo_asset_management:7.1.1.5:::::::*
ibm	maximo_asset_management	7.1.1.6	cpe:2.3:a:ibm:maximo_asset_management:7.1.1.6:::::::*
ibm	maximo_asset_management	7.1.1.7	cpe:2.3:a:ibm:maximo_asset_management:7.1.1.7:::::::*
ibm	maximo_asset_management	7.1.1.8	cpe:2.3:a:ibm:maximo_asset_management:7.1.1.8:::::::*

Rows per page:

1-10 of 481

References

www-01.ibm.com/support/docview.wss?uid=swg21685289

exchange.xforce.ibmcloud.com/vulnerabilities/94757

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.002

Percentile

54.9%

JSON

Related for CVE-2014-4765