CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
70.8%
Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service (CPU consumption or application crash) via a crafted XML query, a different vulnerability than CVE-2014-8926.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | endpoint_manager_family | 9.0 | cpe:2.3:a:ibm:endpoint_manager_family:9.0:*:*:*:*:*:*:* |
ibm | license_metric_tool | 7.2.2 | cpe:2.3:a:ibm:license_metric_tool:7.2.2:*:*:*:*:*:*:* |
ibm | license_metric_tool | 7.5 | cpe:2.3:a:ibm:license_metric_tool:7.5:*:*:*:*:*:*:* |
ibm | license_metric_tool | 9.0 | cpe:2.3:a:ibm:license_metric_tool:9.0:*:*:*:*:*:*:* |
ibm | tivoli_asset_discovery_for_distributed | 7.2.2.0 | cpe:2.3:a:ibm:tivoli_asset_discovery_for_distributed:7.2.2.0:*:*:*:*:*:*:* |
ibm | tivoli_asset_discovery_for_distributed | 7.5 | cpe:2.3:a:ibm:tivoli_asset_discovery_for_distributed:7.5:*:*:*:*:*:*:* |