Lucene search

IbmCVE-2014-6141

HistoryFeb 02, 2015 - 1:59 a.m.

CVE-2014-6141

2015-02-0201:59:01

CWE-264

ibm

web.nvd.nist.gov

cve-2014-6141

itm

ibm

security vulnerability

remote access

command execution

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.003

Percentile

65.5%

JSON

IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands.

Affected configurations

Nvd

Node

ibmtivoli_monitoringMatch6.2.0

ibmtivoli_monitoringMatch6.2.0.1

ibmtivoli_monitoringMatch6.2.0.2

ibmtivoli_monitoringMatch6.2.0.3

ibmtivoli_monitoringMatch6.2.1

ibmtivoli_monitoringMatch6.2.1.0

ibmtivoli_monitoringMatch6.2.1.1

ibmtivoli_monitoringMatch6.2.1.2

ibmtivoli_monitoringMatch6.2.1.3

ibmtivoli_monitoringMatch6.2.1.4

ibmtivoli_monitoringMatch6.2.2

ibmtivoli_monitoringMatch6.2.2.0

ibmtivoli_monitoringMatch6.2.2.1

ibmtivoli_monitoringMatch6.2.2.2

ibmtivoli_monitoringMatch6.2.2.3

ibmtivoli_monitoringMatch6.2.2.4

ibmtivoli_monitoringMatch6.2.2.5

ibmtivoli_monitoringMatch6.2.2.6

ibmtivoli_monitoringMatch6.2.2.7

ibmtivoli_monitoringMatch6.2.2.8

ibmtivoli_monitoringMatch6.2.2.9

ibmtivoli_monitoringMatch6.2.3

ibmtivoli_monitoringMatch6.2.3.0

ibmtivoli_monitoringMatch6.2.3.1

ibmtivoli_monitoringMatch6.2.3.2

ibmtivoli_monitoringMatch6.2.3.3

ibmtivoli_monitoringMatch6.2.3.4

ibmtivoli_monitoringMatch6.2.3.5

ibmtivoli_monitoringMatch6.3.0

ibmtivoli_monitoringMatch6.3.0.1

ibmtivoli_monitoringMatch6.3.0.2

ibmtivoli_monitoringMatch6.3.0.3

ibmtivoli_monitoringMatch6.3.0.4

VendorProductVersionCPE
ibmtivoli_monitoring6.2.0cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*
ibmtivoli_monitoring6.2.0.1cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*
ibmtivoli_monitoring6.2.0.2cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*
ibmtivoli_monitoring6.2.0.3cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*
ibmtivoli_monitoring6.2.1cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*
ibmtivoli_monitoring6.2.1.0cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*
ibmtivoli_monitoring6.2.1.1cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*
ibmtivoli_monitoring6.2.1.2cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*
ibmtivoli_monitoring6.2.1.3cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*
ibmtivoli_monitoring6.2.1.4cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	tivoli_monitoring	6.2.0	cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:::::::*
ibm	tivoli_monitoring	6.2.0.1	cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:::::::*
ibm	tivoli_monitoring	6.2.0.2	cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:::::::*
ibm	tivoli_monitoring	6.2.0.3	cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:::::::*
ibm	tivoli_monitoring	6.2.1	cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:::::::*
ibm	tivoli_monitoring	6.2.1.0	cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:::::::*
ibm	tivoli_monitoring	6.2.1.1	cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:::::::*
ibm	tivoli_monitoring	6.2.1.2	cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:::::::*
ibm	tivoli_monitoring	6.2.1.3	cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:::::::*
ibm	tivoli_monitoring	6.2.1.4	cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:::::::*

Rows per page:

1-10 of 331

References

www-01.ibm.com/support/docview.wss?uid=swg21690932

exchange.xforce.ibmcloud.com/vulnerabilities/96911

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.003

Percentile

65.5%

JSON

Related for CVE-2014-6141