Security Vulnerabilities Addressed in Asset and Service Mgmt

Abstract Security Bulletin: Vulnerabilities in Maximo Asset Mgmt, Tivoli Asset Mgmt for IT, Tivoli Service Request Mgr, Change and Configuration Mgmt Database, and SmartCloud Control Desk. See Details for CVE IDs. Content VULNERABILITY DETAILS: CVE ID: CVE-2012-0714, CVE-2012-0727, CVE-2012-0728,...

CVE-2012-2183

IBM’s advisory confirms CVE-2012-2183 is a session-fixation vulnerability affecting IBM Maximo Asset Management products (7.5, 7.1, 6.2) and related offerings (SmartCloud Control Desk, Tivoli IT/Service Request Manager, Maximo Service Desk, CCMDB). The issue originates from how web sessions are e...