Lucene search

K
cve[email protected]CVE-2014-6141
HistoryFeb 02, 2015 - 1:59 a.m.

CVE-2014-6141

2015-02-0201:59:01
CWE-264
web.nvd.nist.gov
18
cve-2014-6141
itm
ibm
security vulnerability
remote access
command execution

7.1 High

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

65.4%

IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands.

Affected configurations

NVD
Node
ibmtivoli_monitoringMatch6.2.0
OR
ibmtivoli_monitoringMatch6.2.0.1
OR
ibmtivoli_monitoringMatch6.2.0.2
OR
ibmtivoli_monitoringMatch6.2.0.3
OR
ibmtivoli_monitoringMatch6.2.1
OR
ibmtivoli_monitoringMatch6.2.1.0
OR
ibmtivoli_monitoringMatch6.2.1.1
OR
ibmtivoli_monitoringMatch6.2.1.2
OR
ibmtivoli_monitoringMatch6.2.1.3
OR
ibmtivoli_monitoringMatch6.2.1.4
OR
ibmtivoli_monitoringMatch6.2.2
OR
ibmtivoli_monitoringMatch6.2.2.0
OR
ibmtivoli_monitoringMatch6.2.2.1
OR
ibmtivoli_monitoringMatch6.2.2.2
OR
ibmtivoli_monitoringMatch6.2.2.3
OR
ibmtivoli_monitoringMatch6.2.2.4
OR
ibmtivoli_monitoringMatch6.2.2.5
OR
ibmtivoli_monitoringMatch6.2.2.6
OR
ibmtivoli_monitoringMatch6.2.2.7
OR
ibmtivoli_monitoringMatch6.2.2.8
OR
ibmtivoli_monitoringMatch6.2.2.9
OR
ibmtivoli_monitoringMatch6.2.3
OR
ibmtivoli_monitoringMatch6.2.3.0
OR
ibmtivoli_monitoringMatch6.2.3.1
OR
ibmtivoli_monitoringMatch6.2.3.2
OR
ibmtivoli_monitoringMatch6.2.3.3
OR
ibmtivoli_monitoringMatch6.2.3.4
OR
ibmtivoli_monitoringMatch6.2.3.5
OR
ibmtivoli_monitoringMatch6.3.0
OR
ibmtivoli_monitoringMatch6.3.0.1
OR
ibmtivoli_monitoringMatch6.3.0.2
OR
ibmtivoli_monitoringMatch6.3.0.3
OR
ibmtivoli_monitoringMatch6.3.0.4

7.1 High

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

65.4%

Related for CVE-2014-6141