CVE-2015-0107

Опубликовано: 24 апр. 2017

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX003, and 7.6 before 7.6.0.0 IFIX002 allow remote authenticated users to conduct directory traversal attacks via unspecified vectors.

Ссылки

http://www-01.ibm.com/support/docview.wss?uid=swg21694974
Vendor Advisory
http://www.securityfocus.com/bid/97998
Third Party Advisory
VDB Entry
http://www-01.ibm.com/support/docview.wss?uid=swg21694974
Vendor Advisory
http://www.securityfocus.com/bid/97998
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:change_and_configuration_management_database:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:change_and_configuration_management_database:7.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_asset_management:7.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_asset_management_essentials:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_for_government:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_for_life_sciences:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_for_nuclear_power:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_for_transportation:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_for_utilities:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_service_request_manager:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_service_request_manager:7.2:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.07172

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-p33x-cg95-phvw