Lucene search

IbmCVE-2013-5464

HistoryMay 26, 2014 - 4:55 p.m.

CVE-2013-5464

2014-05-2616:55:02

CWE-264

ibm

web.nvd.nist.gov

ibm

maximo asset management

smartcloud control desk

cve-2013-5464

nvd

access restrictions

remote authenticated users

physical counts

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

5.9

Confidence

Low

EPSS

0.002

Percentile

59.6%

JSON

IBM Maximo Asset Management 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 before IFIX011, and 7.5.0.5 before IFIX006 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to bypass intended access restrictions, and modify physical counts associated with restricted storerooms, via unspecified vectors.

Affected configurations

Nvd

Node

ibmmaximo_asset_managementMatch7.5.0.0

ibmmaximo_asset_managementMatch7.5.0.1

ibmmaximo_asset_managementMatch7.5.0.2

ibmmaximo_asset_managementMatch7.5.0.3

ibmmaximo_asset_managementMatch7.5.0.4

ibmmaximo_asset_managementMatch7.5.0.5

Node

ibmsmartcloud_control_deskMatch7.0

ibmsmartcloud_control_deskMatch7.5

ibmsmartcloud_control_deskMatch7.5.0.0

ibmsmartcloud_control_deskMatch7.5.0.1

ibmsmartcloud_control_deskMatch7.5.0.2

ibmsmartcloud_control_deskMatch7.5.1.0

ibmsmartcloud_control_deskMatch7.5.1.1

VendorProductVersionCPE
ibmmaximo_asset_management7.5.0.0cpe:2.3:a:ibm:maximo_asset_management:7.5.0.0:*:*:*:*:*:*:*
ibmmaximo_asset_management7.5.0.1cpe:2.3:a:ibm:maximo_asset_management:7.5.0.1:*:*:*:*:*:*:*
ibmmaximo_asset_management7.5.0.2cpe:2.3:a:ibm:maximo_asset_management:7.5.0.2:*:*:*:*:*:*:*
ibmmaximo_asset_management7.5.0.3cpe:2.3:a:ibm:maximo_asset_management:7.5.0.3:*:*:*:*:*:*:*
ibmmaximo_asset_management7.5.0.4cpe:2.3:a:ibm:maximo_asset_management:7.5.0.4:*:*:*:*:*:*:*
ibmmaximo_asset_management7.5.0.5cpe:2.3:a:ibm:maximo_asset_management:7.5.0.5:*:*:*:*:*:*:*
ibmsmartcloud_control_desk7.0cpe:2.3:a:ibm:smartcloud_control_desk:7.0:*:*:*:*:*:*:*
ibmsmartcloud_control_desk7.5cpe:2.3:a:ibm:smartcloud_control_desk:7.5:*:*:*:*:*:*:*
ibmsmartcloud_control_desk7.5.0.0cpe:2.3:a:ibm:smartcloud_control_desk:7.5.0.0:*:*:*:*:*:*:*
ibmsmartcloud_control_desk7.5.0.1cpe:2.3:a:ibm:smartcloud_control_desk:7.5.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	maximo_asset_management	7.5.0.0	cpe:2.3:a:ibm:maximo_asset_management:7.5.0.0:::::::*
ibm	maximo_asset_management	7.5.0.1	cpe:2.3:a:ibm:maximo_asset_management:7.5.0.1:::::::*
ibm	maximo_asset_management	7.5.0.2	cpe:2.3:a:ibm:maximo_asset_management:7.5.0.2:::::::*
ibm	maximo_asset_management	7.5.0.3	cpe:2.3:a:ibm:maximo_asset_management:7.5.0.3:::::::*
ibm	maximo_asset_management	7.5.0.4	cpe:2.3:a:ibm:maximo_asset_management:7.5.0.4:::::::*
ibm	maximo_asset_management	7.5.0.5	cpe:2.3:a:ibm:maximo_asset_management:7.5.0.5:::::::*
ibm	smartcloud_control_desk	7.0	cpe:2.3:a:ibm:smartcloud_control_desk:7.0:::::::*
ibm	smartcloud_control_desk	7.5	cpe:2.3:a:ibm:smartcloud_control_desk:7.5:::::::*
ibm	smartcloud_control_desk	7.5.0.0	cpe:2.3:a:ibm:smartcloud_control_desk:7.5.0.0:::::::*
ibm	smartcloud_control_desk	7.5.0.1	cpe:2.3:a:ibm:smartcloud_control_desk:7.5.0.1:::::::*

Rows per page:

1-10 of 131

References

www-01.ibm.com/support/docview.wss?uid=swg1IV46277

www-01.ibm.com/support/docview.wss?uid=swg21670870

exchange.xforce.ibmcloud.com/vulnerabilities/88362

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

5.9

Confidence

Low

EPSS

0.002

Percentile

59.6%

JSON

Related for CVE-2013-5464