Security Bulletin: Vulnerabilities in BIRT-viewer embedded in IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2014-6149)

Summary There are vulnerabilities in BIRT-viewer embedded in TADDM that cannot be fixed, so there is a need to disable BIRT-viewer in TADDM. For secure use of BIRT reports in TADDM there is a need to use Tivoli Common Reporting TCR where TADDM BIRT reports can be migrated. Vulnerability Details C...

CVE-2014-6149

Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager TADDM 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to read arbitrary files via unspecified vectors...

CVE-2014-6149

Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager TADDM 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to read arbitrary files via unspecified vectors...

CVE-2014-6149

CVE-2014-6149 relates to a directory traversal in the BIRT-viewer component embedded in IBM Tivoli Application Dependency Discovery Manager (TADDM). Affected TADDM versions: 7.2.0.0–7.2.0.10, 7.2.1.0–7.2.1.6, and 7.2.2.0–7.2.2.2. The underlying issue allows a remote authenticated user to read arb...