Lucene search

[email protected]CVE-2014-6149

HistoryOct 29, 2014 - 10:55 a.m.

CVE-2014-6149

2014-10-2910:55:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2014-6149

directory traversal

birt-viewer

ibm

tivoli

application

dependency

discovery

manager

taddm

security vulnerability

remote access

authenticated users

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

66.0%

JSON

Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to read arbitrary files via unspecified vectors.

CPENameOperatorVersion
ibm:tivoli_application_dependency_discovery_manageribm tivoli application dependency discovery managereq7.2.1.2
ibm:tivoli_application_dependency_discovery_manageribm tivoli application dependency discovery managereq7.2.1.6
ibm:tivoli_application_dependency_discovery_manageribm tivoli application dependency discovery managereq7.2.0.5
ibm:tivoli_application_dependency_discovery_manageribm tivoli application dependency discovery managereq7.2.2.1
ibm:tivoli_application_dependency_discovery_manageribm tivoli application dependency discovery managereq7.2.2.2
ibm:tivoli_application_dependency_discovery_manageribm tivoli application dependency discovery managereq7.2.2
ibm:tivoli_application_dependency_discovery_manageribm tivoli application dependency discovery managereq7.2.1.3
ibm:tivoli_application_dependency_discovery_manageribm tivoli application dependency discovery managereq7.2.0.2
ibm:tivoli_application_dependency_discovery_manageribm tivoli application dependency discovery managereq7.2.0.1
ibm:tivoli_application_dependency_discovery_manageribm tivoli application dependency discovery managereq7.2.0.7

CPE	Name	Operator	Version
ibm:tivoli_application_dependency_discovery_manager	ibm tivoli application dependency discovery manager	eq	7.2.1.2
ibm:tivoli_application_dependency_discovery_manager	ibm tivoli application dependency discovery manager	eq	7.2.1.6
ibm:tivoli_application_dependency_discovery_manager	ibm tivoli application dependency discovery manager	eq	7.2.0.5
ibm:tivoli_application_dependency_discovery_manager	ibm tivoli application dependency discovery manager	eq	7.2.2.1
ibm:tivoli_application_dependency_discovery_manager	ibm tivoli application dependency discovery manager	eq	7.2.2.2
ibm:tivoli_application_dependency_discovery_manager	ibm tivoli application dependency discovery manager	eq	7.2.2
ibm:tivoli_application_dependency_discovery_manager	ibm tivoli application dependency discovery manager	eq	7.2.1.3
ibm:tivoli_application_dependency_discovery_manager	ibm tivoli application dependency discovery manager	eq	7.2.0.2
ibm:tivoli_application_dependency_discovery_manager	ibm tivoli application dependency discovery manager	eq	7.2.0.1
ibm:tivoli_application_dependency_discovery_manager	ibm tivoli application dependency discovery manager	eq	7.2.0.7

Rows per page:

1-10 of 211

References

www-01.ibm.com/support/docview.wss?uid=swg21688296

www.securityfocus.com/bid/70805

exchange.xforce.ibmcloud.com/vulnerabilities/96919

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

66.0%

JSON

Related for CVE-2014-6149

ibm1 cvelist1 prion1