Lucene search

IbmCVE-2013-3004

HistoryJul 01, 2014 - 6:55 p.m.

CVE-2013-3004

2014-07-0118:55:04

CWE-22

ibm

web.nvd.nist.gov

cve-2013-3004

directory traversal

birt-report viewer

ibm

tivoli

application dependency discovery manager

taddm

remote authenticated users

arbitrary files

vulnerability

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

43.7%

JSON

Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read arbitrary files via unspecified vectors.

Affected configurations

Nvd

Node

ibmtivoli_application_dependency_discovery_managerMatch7.1.2

ibmtivoli_application_dependency_discovery_managerMatch7.1.2.2

ibmtivoli_application_dependency_discovery_managerMatch7.1.2.3

ibmtivoli_application_dependency_discovery_managerMatch7.1.2.4

ibmtivoli_application_dependency_discovery_managerMatch7.1.2.5

ibmtivoli_application_dependency_discovery_managerMatch7.1.2.6

ibmtivoli_application_dependency_discovery_managerMatch7.1.2.7

ibmtivoli_application_dependency_discovery_managerMatch7.1.2.8

ibmtivoli_application_dependency_discovery_managerMatch7.2.0

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.1

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.2

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.3

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.4

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.5

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.6

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.7

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.8

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.9

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.10

ibmtivoli_application_dependency_discovery_managerMatch7.2.1

ibmtivoli_application_dependency_discovery_managerMatch7.2.1.1

ibmtivoli_application_dependency_discovery_managerMatch7.2.1.2

ibmtivoli_application_dependency_discovery_managerMatch7.2.1.3

ibmtivoli_application_dependency_discovery_managerMatch7.2.1.4

ibmtivoli_application_dependency_discovery_managerMatch7.2.1.5

VendorProductVersionCPE
ibmtivoli_application_dependency_discovery_manager7.1.2cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.1.2.2cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.2:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.1.2.3cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.3:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.1.2.4cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.4:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.1.2.5cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.5:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.1.2.6cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.6:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.1.2.7cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.7:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.1.2.8cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.8:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.2.0cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.2.0.1cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	tivoli_application_dependency_discovery_manager	7.1.2	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.1.2.2	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.2:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.1.2.3	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.3:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.1.2.4	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.4:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.1.2.5	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.5:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.1.2.6	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.6:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.1.2.7	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.7:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.1.2.8	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2.8:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.2.0	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.2.0.1	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.1:::::::*

Rows per page:

1-10 of 251

References

www-01.ibm.com/support/docview.wss?uid=swg21672395

www.securityfocus.com/bid/68452

exchange.xforce.ibmcloud.com/vulnerabilities/84145

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

43.7%

JSON

Related for CVE-2013-3004