Lucene search

K
cve[email protected]CVE-2014-6141
HistoryFeb 02, 2015 - 1:59 a.m.

CVE-2014-6141

2015-02-0201:59:01
CWE-264
web.nvd.nist.gov
18
cve-2014-6141
itm
ibm
security vulnerability
remote access
command execution

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.5%

IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands.

Affected configurations

NVD
Node
ibmtivoli_monitoringMatch6.2.0
OR
ibmtivoli_monitoringMatch6.2.0.1
OR
ibmtivoli_monitoringMatch6.2.0.2
OR
ibmtivoli_monitoringMatch6.2.0.3
OR
ibmtivoli_monitoringMatch6.2.1
OR
ibmtivoli_monitoringMatch6.2.1.0
OR
ibmtivoli_monitoringMatch6.2.1.1
OR
ibmtivoli_monitoringMatch6.2.1.2
OR
ibmtivoli_monitoringMatch6.2.1.3
OR
ibmtivoli_monitoringMatch6.2.1.4
OR
ibmtivoli_monitoringMatch6.2.2
OR
ibmtivoli_monitoringMatch6.2.2.0
OR
ibmtivoli_monitoringMatch6.2.2.1
OR
ibmtivoli_monitoringMatch6.2.2.2
OR
ibmtivoli_monitoringMatch6.2.2.3
OR
ibmtivoli_monitoringMatch6.2.2.4
OR
ibmtivoli_monitoringMatch6.2.2.5
OR
ibmtivoli_monitoringMatch6.2.2.6
OR
ibmtivoli_monitoringMatch6.2.2.7
OR
ibmtivoli_monitoringMatch6.2.2.8
OR
ibmtivoli_monitoringMatch6.2.2.9
OR
ibmtivoli_monitoringMatch6.2.3
OR
ibmtivoli_monitoringMatch6.2.3.0
OR
ibmtivoli_monitoringMatch6.2.3.1
OR
ibmtivoli_monitoringMatch6.2.3.2
OR
ibmtivoli_monitoringMatch6.2.3.3
OR
ibmtivoli_monitoringMatch6.2.3.4
OR
ibmtivoli_monitoringMatch6.2.3.5
OR
ibmtivoli_monitoringMatch6.3.0
OR
ibmtivoli_monitoringMatch6.3.0.1
OR
ibmtivoli_monitoringMatch6.3.0.2
OR
ibmtivoli_monitoringMatch6.3.0.3
OR
ibmtivoli_monitoringMatch6.3.0.4

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.5%

Related for CVE-2014-6141