Lucene search

IbmCVE-2014-6149

HistoryOct 29, 2014 - 10:55 a.m.

CVE-2014-6149

2014-10-2910:55:05

CWE-22

ibm

web.nvd.nist.gov

cve-2014-6149

directory traversal

birt-viewer

ibm

tivoli

application

dependency

discovery

manager

taddm

security vulnerability

remote access

authenticated users

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.003

Percentile

66.2%

JSON

Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to read arbitrary files via unspecified vectors.

Affected configurations

Nvd

Node

ibmtivoli_application_dependency_discovery_managerMatch7.2.0

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.1

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.2

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.3

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.4

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.5

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.6

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.7

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.8

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.9

ibmtivoli_application_dependency_discovery_managerMatch7.2.0.10

ibmtivoli_application_dependency_discovery_managerMatch7.2.1

ibmtivoli_application_dependency_discovery_managerMatch7.2.1.1

ibmtivoli_application_dependency_discovery_managerMatch7.2.1.2

ibmtivoli_application_dependency_discovery_managerMatch7.2.1.3

ibmtivoli_application_dependency_discovery_managerMatch7.2.1.4

ibmtivoli_application_dependency_discovery_managerMatch7.2.1.5

ibmtivoli_application_dependency_discovery_managerMatch7.2.1.6

ibmtivoli_application_dependency_discovery_managerMatch7.2.2

ibmtivoli_application_dependency_discovery_managerMatch7.2.2.1

ibmtivoli_application_dependency_discovery_managerMatch7.2.2.2

VendorProductVersionCPE
ibmtivoli_application_dependency_discovery_manager7.2.0cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.2.0.1cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.1:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.2.0.2cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.2:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.2.0.3cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.3:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.2.0.4cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.4:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.2.0.5cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.5:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.2.0.6cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.6:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.2.0.7cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.7:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.2.0.8cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.8:*:*:*:*:*:*:*
ibmtivoli_application_dependency_discovery_manager7.2.0.9cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	tivoli_application_dependency_discovery_manager	7.2.0	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.2.0.1	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.1:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.2.0.2	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.2:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.2.0.3	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.3:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.2.0.4	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.4:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.2.0.5	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.5:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.2.0.6	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.6:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.2.0.7	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.7:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.2.0.8	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.8:::::::*
ibm	tivoli_application_dependency_discovery_manager	7.2.0.9	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.9:::::::*

Rows per page:

1-10 of 211

References

www-01.ibm.com/support/docview.wss?uid=swg21688296

www.securityfocus.com/bid/70805

exchange.xforce.ibmcloud.com/vulnerabilities/96919

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.003

Percentile

66.2%

JSON

Related for CVE-2014-6149