CVE-2013-6741

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.x before 7.1.1.7 LAFIX.20140319-0837 allow remote authenticated users to obtain potentially sensitive stack-trace information by triggering a Birt error.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.1.1.7:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:ibm:change_and_configuration_management_database:7.1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_service_desk:7.1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_it_asset_management_for_it:7.1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_service_request_manager:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_service_request_manager:7.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_service_request_manager:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_service_request_manager:7.1.1.7:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:ibm:maximo_asset_management:7.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.5.0.5:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:ibm:smartcloud_control_desk:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:smartcloud_control_desk:7.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:smartcloud_control_desk:7.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:smartcloud_control_desk:7.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:smartcloud_control_desk:7.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:smartcloud_control_desk:7.5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:smartcloud_control_desk:7.5.1.1:*:*:*:*:*:*:*

History

21 Nov 2024, 01:59

Type Values Removed Values Added
References () http://www-01.ibm.com/support/docview.wss?uid=swg1IV50316 - () http://www-01.ibm.com/support/docview.wss?uid=swg1IV50316 -
References () http://www-01.ibm.com/support/docview.wss?uid=swg21670870 - Vendor Advisory () http://www-01.ibm.com/support/docview.wss?uid=swg21670870 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/89857 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/89857 -

Information

Published : 2014-05-26 16:55

Updated : 2024-11-21 01:59


NVD link : CVE-2013-6741

Mitre link : CVE-2013-6741

CVE.ORG link : CVE-2013-6741


JSON object : View

Products Affected

ibm

  • tivoli_asset_management_for_it
  • tivoli_service_request_manager
  • maximo_service_desk
  • tivoli_it_asset_management_for_it
  • change_and_configuration_management_database
  • smartcloud_control_desk
  • maximo_asset_management
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor