IBM Tivoli NetView Access Services (NVAS) allows remote authenticated users to gain privileges by entering the ADM command and modifying a "page ID" field to the EMSPG2 transaction code. NOTE: the vendor's perspective is that configuration and use of available security controls in the NVAS product mitigates the reported vulnerability
References
Configurations
History
07 Nov 2023, 02:23
Type | Values Removed | Values Added |
---|---|---|
Summary | IBM Tivoli NetView Access Services (NVAS) allows remote authenticated users to gain privileges by entering the ADM command and modifying a "page ID" field to the EMSPG2 transaction code. NOTE: the vendor's perspective is that configuration and use of available security controls in the NVAS product mitigates the reported vulnerability |
Information
Published : 2016-03-18 14:59
Updated : 2024-08-06 14:15
NVD link : CVE-2014-9768
Mitre link : CVE-2014-9768
CVE.ORG link : CVE-2014-9768
JSON object : View
Products Affected
ibm
- tivoli_netview_access_services
CWE
CWE-264
Permissions, Privileges, and Access Controls