Vulnerability-Lookup - Search a vulnerability

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:33:05.372Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IV40115",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
          },
          {
            "name": "IV30187",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
          },
          {
            "name": "itm-cve20130551-dos(82768)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82768"
          },
          {
            "name": "IV27192",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
          },
          {
            "name": "IV40116",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-06-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to cause a denial of service (abend) via a crafted URL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "IV40115",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
        },
        {
          "name": "IV30187",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
        },
        {
          "name": "itm-cve20130551-dos(82768)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82768"
        },
        {
          "name": "IV27192",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
        },
        {
          "name": "IV40116",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-0551",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to cause a denial of service (abend) via a crafted URL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IV40115",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
            },
            {
              "name": "IV30187",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
            },
            {
              "name": "itm-cve20130551-dos(82768)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82768"
            },
            {
              "name": "IV27192",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
            },
            {
              "name": "IV40116",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-0551",
    "datePublished": "2013-06-21T17:00:00",
    "dateReserved": "2012-12-16T00:00:00",
    "dateUpdated": "2024-08-06T14:33:05.372Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-3297

Vulnerability from cvelistv5

Published

2012-12-08 15:00

Modified

2024-08-06 19:57

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the embedded HTTP server in the Service Console in IBM Tivoli Monitoring 6.2.2 before 6.2.2-TIV-ITM-FP0009 and 6.3.2 before 6.2.3-TIV-ITM-FP0001 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/77291	vdb-entry, x_refsource_XF
	https://www.ibm.com/support/docview.wss?uid=swg21618972	x_refsource_CONFIRM
	http://www.securitytracker.com/id?1027850	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:57:50.383Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "tivolimonitoring-hmc-xss(77291)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77291"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/docview.wss?uid=swg21618972"
          },
          {
            "name": "1027850",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027850"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-12-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the embedded HTTP server in the Service Console in IBM Tivoli Monitoring 6.2.2 before 6.2.2-TIV-ITM-FP0009 and 6.3.2 before 6.2.3-TIV-ITM-FP0001 allows remote attackers to inject arbitrary web script or HTML via a crafted URI."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "tivolimonitoring-hmc-xss(77291)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77291"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ibm.com/support/docview.wss?uid=swg21618972"
        },
        {
          "name": "1027850",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027850"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-3297",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the embedded HTTP server in the Service Console in IBM Tivoli Monitoring 6.2.2 before 6.2.2-TIV-ITM-FP0009 and 6.3.2 before 6.2.3-TIV-ITM-FP0001 allows remote attackers to inject arbitrary web script or HTML via a crafted URI."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "tivolimonitoring-hmc-xss(77291)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77291"
            },
            {
              "name": "https://www.ibm.com/support/docview.wss?uid=swg21618972",
              "refsource": "CONFIRM",
              "url": "https://www.ibm.com/support/docview.wss?uid=swg21618972"
            },
            {
              "name": "1027850",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027850"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-3297",
    "datePublished": "2012-12-08T15:00:00",
    "dateReserved": "2012-06-07T00:00:00",
    "dateUpdated": "2024-08-06T19:57:50.383Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-1183

Vulnerability from cvelistv5

Published

2017-07-14 13:00

Modified

2024-09-16 20:52

Severity ?

Summary

IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/123494	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22003402	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/99610	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1038913	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

Version: 6.2.3.5
Version: 6.2.2.9
Version: 6.3.0.7

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:25:17.497Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
          },
          {
            "name": "99610",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99610"
          },
          {
            "name": "1038913",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038913"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Tivoli Monitoring V6",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.2.9"
            },
            {
              "status": "affected",
              "version": "6.3.0.7"
            }
          ]
        }
      ],
      "datePublic": "2017-07-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Data Manipulation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-18T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
        },
        {
          "name": "99610",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99610"
        },
        {
          "name": "1038913",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038913"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-07-12T00:00:00",
          "ID": "CVE-2017-1183",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Tivoli Monitoring V6",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.2.3.5"
                          },
                          {
                            "version_value": "6.2.2.9"
                          },
                          {
                            "version_value": "6.3.0.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Data Manipulation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22003402",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
            },
            {
              "name": "99610",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99610"
            },
            {
              "name": "1038913",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038913"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1183",
    "datePublished": "2017-07-14T13:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T20:52:33.757Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4822

Vulnerability from cvelistv5

Published

2013-01-11 00:00

Modified

2024-08-06 20:50

Severity ?

Summary

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to "insecure use [of] multiple methods in the java.lang.class class."

References

▼	URL	Tags
	http://rhn.redhat.com/errata/RHSA-2012-1466.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	x_refsource_CONFIRM
	http://seclists.org/bugtraq/2012/Sep/38	mailing-list, x_refsource_BUGTRAQ
	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/55495	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/78766	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21631786	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	x_refsource_CONFIRM
	http://secunia.com/advisories/51327	third-party-advisory, x_refsource_SECUNIA
	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2012-1467.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2012-1465.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/51328	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	x_refsource_CONFIRM
	http://secunia.com/advisories/51634	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/51393	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/51326	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:50:16.938Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2012:1466",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
          },
          {
            "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2012/Sep/38"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "IV29665",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
          },
          {
            "name": "55495",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55495"
          },
          {
            "name": "ibm-java-jlc-code-execution(78766)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
          },
          {
            "name": "51327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51327"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
          },
          {
            "name": "RHSA-2012:1467",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
          },
          {
            "name": "RHSA-2012:1465",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
          },
          {
            "name": "51328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
          },
          {
            "name": "51634",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51634"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "name": "51393",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51393"
          },
          {
            "name": "51326",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51326"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to \"insecure use [of] multiple methods in the java.lang.class class.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "RHSA-2012:1466",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
        },
        {
          "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2012/Sep/38"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "IV29665",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
        },
        {
          "name": "55495",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55495"
        },
        {
          "name": "ibm-java-jlc-code-execution(78766)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
        },
        {
          "name": "51327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51327"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
        },
        {
          "name": "RHSA-2012:1467",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
        },
        {
          "name": "RHSA-2012:1465",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
        },
        {
          "name": "51328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
        },
        {
          "name": "51634",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51634"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "name": "51393",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51393"
        },
        {
          "name": "51326",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51326"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-4822",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to \"insecure use [of] multiple methods in the java.lang.class class.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2012:1466",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
            },
            {
              "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
              "refsource": "BUGTRAQ",
              "url": "http://seclists.org/bugtraq/2012/Sep/38"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "IV29665",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
            },
            {
              "name": "55495",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/55495"
            },
            {
              "name": "ibm-java-jlc-code-execution(78766)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
            },
            {
              "name": "51327",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51327"
            },
            {
              "name": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546",
              "refsource": "CONFIRM",
              "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
            },
            {
              "name": "RHSA-2012:1467",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
            },
            {
              "name": "RHSA-2012:1465",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
            },
            {
              "name": "51328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
            },
            {
              "name": "51634",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51634"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "51393",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51393"
            },
            {
              "name": "51326",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51326"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-4822",
    "datePublished": "2013-01-11T00:00:00",
    "dateReserved": "2012-09-06T00:00:00",
    "dateUpdated": "2024-08-06T20:50:16.938Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4823

Vulnerability from cvelistv5

Published

2013-01-11 00:00

Modified

2024-08-06 20:50

Severity ?

Summary

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to "insecure use of the java.lang.ClassLoder defineClass() method."

References

▼	URL	Tags
	http://rhn.redhat.com/errata/RHSA-2012-1466.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	x_refsource_CONFIRM
	http://seclists.org/bugtraq/2012/Sep/38	mailing-list, x_refsource_BUGTRAQ
	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/55495	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	x_refsource_CONFIRM
	http://secunia.com/advisories/51327	third-party-advisory, x_refsource_SECUNIA
	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/78767	vdb-entry, x_refsource_XF
	http://rhn.redhat.com/errata/RHSA-2012-1467.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	x_refsource_CONFIRM
	http://secunia.com/advisories/51634	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/51326	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:50:17.295Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2012:1466",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
          },
          {
            "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2012/Sep/38"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "IV29687",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
          },
          {
            "name": "55495",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55495"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
          },
          {
            "name": "51327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51327"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
          },
          {
            "name": "ibm-java-defineclass-code-execution(78767)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
          },
          {
            "name": "RHSA-2012:1467",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
          },
          {
            "name": "51634",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51634"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "name": "51326",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51326"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to \"insecure use of the java.lang.ClassLoder defineClass() method.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "RHSA-2012:1466",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
        },
        {
          "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2012/Sep/38"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "IV29687",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
        },
        {
          "name": "55495",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55495"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
        },
        {
          "name": "51327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51327"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
        },
        {
          "name": "ibm-java-defineclass-code-execution(78767)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
        },
        {
          "name": "RHSA-2012:1467",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
        },
        {
          "name": "51634",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51634"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "name": "51326",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51326"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-4823",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to \"insecure use of the java.lang.ClassLoder defineClass() method.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2012:1466",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
            },
            {
              "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
              "refsource": "BUGTRAQ",
              "url": "http://seclists.org/bugtraq/2012/Sep/38"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "IV29687",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
            },
            {
              "name": "55495",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/55495"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
            },
            {
              "name": "51327",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51327"
            },
            {
              "name": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546",
              "refsource": "CONFIRM",
              "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
            },
            {
              "name": "ibm-java-defineclass-code-execution(78767)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
            },
            {
              "name": "RHSA-2012:1467",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
            },
            {
              "name": "51634",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51634"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "51326",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51326"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-4823",
    "datePublished": "2013-01-11T00:00:00",
    "dateReserved": "2012-09-06T00:00:00",
    "dateUpdated": "2024-08-06T20:50:17.295Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-1181

Vulnerability from cvelistv5

Published

2017-07-14 13:00

Modified

2024-09-17 04:29

Severity ?

Summary

IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/123487	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22003402	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/99596	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1038913	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

Version: 6.2.3.5
Version: 6.2.2.9
Version: 6.3.0.7

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:25:17.376Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
          },
          {
            "name": "99596",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99596"
          },
          {
            "name": "1038913",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038913"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Tivoli Monitoring V6",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.2.9"
            },
            {
              "status": "affected",
              "version": "6.3.0.7"
            }
          ]
        }
      ],
      "datePublic": "2017-07-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Obtain Information",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-18T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
        },
        {
          "name": "99596",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99596"
        },
        {
          "name": "1038913",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038913"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-07-12T00:00:00",
          "ID": "CVE-2017-1181",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Tivoli Monitoring V6",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.2.3.5"
                          },
                          {
                            "version_value": "6.2.2.9"
                          },
                          {
                            "version_value": "6.3.0.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Obtain Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22003402",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
            },
            {
              "name": "99596",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99596"
            },
            {
              "name": "1038913",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038913"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1181",
    "datePublished": "2017-07-14T13:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-17T04:29:08.459Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-4592

Vulnerability from cvelistv5

Published

2020-02-13 15:40

Modified

2024-09-17 01:01

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

Summary

IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647.

References

▼	URL	Tags
	https://www.ibm.com/support/pages/node/2278617	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/167647	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

Tivoli Monitoring

Version: 6.3.0.7.3
Version: 6.3.0.7.10

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:40:47.515Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/pages/node/2278617"
          },
          {
            "name": "ibm-tivoli-cve20194592-dos (167647)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167647"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Tivoli Monitoring",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.3.0.7.3"
            },
            {
              "status": "affected",
              "version": "6.3.0.7.10"
            }
          ]
        }
      ],
      "datePublic": "2020-02-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/A:H/AV:N/C:N/S:U/AC:L/I:N/UI:N/PR:N/RL:O/E:U/RC:C",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-13T15:40:21",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ibm.com/support/pages/node/2278617"
        },
        {
          "name": "ibm-tivoli-cve20194592-dos (167647)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167647"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2020-02-12T00:00:00",
          "ID": "CVE-2019-4592",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Tivoli Monitoring",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.3.0.7.3"
                          },
                          {
                            "version_value": "6.3.0.7.10"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647."
            }
          ]
        },
        "impact": {
          "cvssv3": {
            "BM": {
              "A": "H",
              "AC": "L",
              "AV": "N",
              "C": "N",
              "I": "N",
              "PR": "N",
              "S": "U",
              "UI": "N"
            },
            "TM": {
              "E": "U",
              "RC": "C",
              "RL": "O"
            }
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.ibm.com/support/pages/node/2278617",
              "refsource": "CONFIRM",
              "title": "IBM Security Bulletin 2278617 (Tivoli Monitoring)",
              "url": "https://www.ibm.com/support/pages/node/2278617"
            },
            {
              "name": "ibm-tivoli-cve20194592-dos (167647)",
              "refsource": "XF",
              "title": "X-Force Vulnerability Report",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167647"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2019-4592",
    "datePublished": "2020-02-13T15:40:21.327502Z",
    "dateReserved": "2019-01-03T00:00:00",
    "dateUpdated": "2024-09-17T01:01:14.787Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5933

Vulnerability from cvelistv5

Published

2017-03-08 19:00

Modified

2024-08-06 01:15

Severity ?

Summary

IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223.

References

▼	URL	Tags
	http://www.ibm.com/support/docview.wss?uid=swg21997223	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

IBM Corporation

Version: 6.2.0
Version: 6.2.1
Version: 6.2.2
Version: 6.2.3
Version: 6.3.0
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.3
Version: 6.3.0.1
Version: 6.3.0.2
Version: 6.3.0.3
Version: 6.3.0.4
Version: 6.3.1
Version: 6.3.0.5
Version: 6.3.0.6
Version: 6.2.2.2
Version: 6.2.2.3
Version: 6.2.2.4
Version: 6.2.2.5
Version: 6.2.2.6
Version: 6.2.2.7
Version: 6.2.2.8
Version: 6.2.2.9
Version: 6.3.0.7

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:15:09.988Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21997223"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Tivoli Monitoring V6",
          "vendor": "IBM Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.0"
            },
            {
              "status": "affected",
              "version": "6.2.1"
            },
            {
              "status": "affected",
              "version": "6.2.2"
            },
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.3.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.3.0.1"
            },
            {
              "status": "affected",
              "version": "6.3.0.2"
            },
            {
              "status": "affected",
              "version": "6.3.0.3"
            },
            {
              "status": "affected",
              "version": "6.3.0.4"
            },
            {
              "status": "affected",
              "version": "6.3.1"
            },
            {
              "status": "affected",
              "version": "6.3.0.5"
            },
            {
              "status": "affected",
              "version": "6.3.0.6"
            },
            {
              "status": "affected",
              "version": "6.2.2.2"
            },
            {
              "status": "affected",
              "version": "6.2.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.2.4"
            },
            {
              "status": "affected",
              "version": "6.2.2.5"
            },
            {
              "status": "affected",
              "version": "6.2.2.6"
            },
            {
              "status": "affected",
              "version": "6.2.2.7"
            },
            {
              "status": "affected",
              "version": "6.2.2.8"
            },
            {
              "status": "affected",
              "version": "6.2.2.9"
            },
            {
              "status": "affected",
              "version": "6.3.0.7"
            }
          ]
        }
      ],
      "datePublic": "2017-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Access",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-08T18:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21997223"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2016-5933",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Tivoli Monitoring V6",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.2.0"
                          },
                          {
                            "version_value": "6.2.1"
                          },
                          {
                            "version_value": "6.2.2"
                          },
                          {
                            "version_value": "6.2.3"
                          },
                          {
                            "version_value": "6.3.0"
                          },
                          {
                            "version_value": "6.2.3.1"
                          },
                          {
                            "version_value": "6.2.3.2"
                          },
                          {
                            "version_value": "6.2.3.3"
                          },
                          {
                            "version_value": "6.2.3.4"
                          },
                          {
                            "version_value": "6.2.3.5"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.3.0.1"
                          },
                          {
                            "version_value": "6.3.0.2"
                          },
                          {
                            "version_value": "6.3.0.3"
                          },
                          {
                            "version_value": "6.3.0.4"
                          },
                          {
                            "version_value": "6.3.1"
                          },
                          {
                            "version_value": "6.3.0.5"
                          },
                          {
                            "version_value": "6.3.0.6"
                          },
                          {
                            "version_value": "6.2.2.2"
                          },
                          {
                            "version_value": "6.2.2.3"
                          },
                          {
                            "version_value": "6.2.2.4"
                          },
                          {
                            "version_value": "6.2.2.5"
                          },
                          {
                            "version_value": "6.2.2.6"
                          },
                          {
                            "version_value": "6.2.2.7"
                          },
                          {
                            "version_value": "6.2.2.8"
                          },
                          {
                            "version_value": "6.2.2.9"
                          },
                          {
                            "version_value": "6.3.0.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Access"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21997223",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21997223"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2016-5933",
    "datePublished": "2017-03-08T19:00:00",
    "dateReserved": "2016-06-29T00:00:00",
    "dateUpdated": "2024-08-06T01:15:09.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-2961

Vulnerability from cvelistv5

Published

2013-06-21 17:00

Modified

2024-08-06 15:52

Severity ?

Summary

The internal web server in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to perform unspecified redirection of HTTP requests, and bypass the proxy-server configuration, via crafted HTTP traffic.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg21635080	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/83725	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg21640752	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:52:21.355Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IV40115",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
          },
          {
            "name": "itm-cve20132961-url-redirect(83725)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83725"
          },
          {
            "name": "IV30187",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
          },
          {
            "name": "IV27192",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
          },
          {
            "name": "IV40116",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-06-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The internal web server in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to perform unspecified redirection of HTTP requests, and bypass the proxy-server configuration, via crafted HTTP traffic."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "IV40115",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
        },
        {
          "name": "itm-cve20132961-url-redirect(83725)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83725"
        },
        {
          "name": "IV30187",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
        },
        {
          "name": "IV27192",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
        },
        {
          "name": "IV40116",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-2961",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The internal web server in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to perform unspecified redirection of HTTP requests, and bypass the proxy-server configuration, via crafted HTTP traffic."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IV40115",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
            },
            {
              "name": "itm-cve20132961-url-redirect(83725)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83725"
            },
            {
              "name": "IV30187",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
            },
            {
              "name": "IV27192",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
            },
            {
              "name": "IV40116",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-2961",
    "datePublished": "2013-06-21T17:00:00",
    "dateReserved": "2013-04-12T00:00:00",
    "dateUpdated": "2024-08-06T15:52:21.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-2960

Vulnerability from cvelistv5

Published

2013-06-21 17:00

Modified

2024-08-06 15:52

Severity ?

Summary

Buffer overflow in KDSMAIN in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to cause a denial of service (segmentation fault) via a crafted http URL.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg21635080	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/83724	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21640752	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:52:21.619Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IV40115",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
          },
          {
            "name": "IV30187",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
          },
          {
            "name": "IV27192",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
          },
          {
            "name": "IV40116",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
          },
          {
            "name": "itm-cve20132960-dos(83724)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83724"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-06-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in KDSMAIN in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to cause a denial of service (segmentation fault) via a crafted http URL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "IV40115",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
        },
        {
          "name": "IV30187",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
        },
        {
          "name": "IV27192",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
        },
        {
          "name": "IV40116",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
        },
        {
          "name": "itm-cve20132960-dos(83724)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83724"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-2960",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in KDSMAIN in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to cause a denial of service (segmentation fault) via a crafted http URL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IV40115",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
            },
            {
              "name": "IV30187",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
            },
            {
              "name": "IV27192",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
            },
            {
              "name": "IV40116",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
            },
            {
              "name": "itm-cve20132960-dos(83724)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83724"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-2960",
    "datePublished": "2013-06-21T17:00:00",
    "dateReserved": "2013-04-12T00:00:00",
    "dateUpdated": "2024-08-06T15:52:21.619Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-1794

Vulnerability from cvelistv5

Published

2018-09-19 15:00

Modified

2024-09-16 20:57

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Summary

IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/137039	vdb-entry, x_refsource_XF
	https://www.ibm.com/support/docview.wss?uid=swg22014097	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Tivoli Monitoring

Version: 6.2.3
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.3.0
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.3.0.1
Version: 6.3.0.2
Version: 6.3.0.3
Version: 6.3.0.4
Version: 6.3.0.5
Version: 6.3.0.6
Version: 6.3.0.7

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:39:32.263Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-tivoli-cve20171794-priv-escalation(137039)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137039"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/docview.wss?uid=swg22014097"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Tivoli Monitoring",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.3.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.3.0.1"
            },
            {
              "status": "affected",
              "version": "6.3.0.2"
            },
            {
              "status": "affected",
              "version": "6.3.0.3"
            },
            {
              "status": "affected",
              "version": "6.3.0.4"
            },
            {
              "status": "affected",
              "version": "6.3.0.5"
            },
            {
              "status": "affected",
              "version": "6.3.0.6"
            },
            {
              "status": "affected",
              "version": "6.3.0.7"
            }
          ]
        }
      ],
      "datePublic": "2018-09-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/A:H/AC:H/AV:N/C:H/I:H/PR:L/S:U/UI:N/E:U/RC:C/RL:O",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-09-19T14:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-tivoli-cve20171794-priv-escalation(137039)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137039"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ibm.com/support/docview.wss?uid=swg22014097"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2018-09-17T00:00:00",
          "ID": "CVE-2017-1794",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Tivoli Monitoring",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.2.3"
                          },
                          {
                            "version_value": "6.2.3.1"
                          },
                          {
                            "version_value": "6.2.3.2"
                          },
                          {
                            "version_value": "6.3.0"
                          },
                          {
                            "version_value": "6.2.3.3"
                          },
                          {
                            "version_value": "6.2.3.4"
                          },
                          {
                            "version_value": "6.2.3.5"
                          },
                          {
                            "version_value": "6.3.0.1"
                          },
                          {
                            "version_value": "6.3.0.2"
                          },
                          {
                            "version_value": "6.3.0.3"
                          },
                          {
                            "version_value": "6.3.0.4"
                          },
                          {
                            "version_value": "6.3.0.5"
                          },
                          {
                            "version_value": "6.3.0.6"
                          },
                          {
                            "version_value": "6.3.0.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039."
            }
          ]
        },
        "impact": {
          "cvssv3": {
            "BM": {
              "A": "H",
              "AC": "H",
              "AV": "N",
              "C": "H",
              "I": "H",
              "PR": "L",
              "S": "U",
              "UI": "N"
            },
            "TM": {
              "E": "U",
              "RC": "C",
              "RL": "O"
            }
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-tivoli-cve20171794-priv-escalation(137039)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137039"
            },
            {
              "name": "https://www.ibm.com/support/docview.wss?uid=swg22014097",
              "refsource": "CONFIRM",
              "url": "https://www.ibm.com/support/docview.wss?uid=swg22014097"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1794",
    "datePublished": "2018-09-19T15:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T20:57:57.753Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-1789

Vulnerability from cvelistv5

Published

2018-03-22 12:00

Modified

2024-09-16 22:35

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034.

References

▼	URL	Tags
	http://www.ibm.com/support/docview.wss?uid=swg22014096	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/137034	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Version: 6.2.3
Version: 6.3.0
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.3.0.1
Version: 6.3.0.2
Version: 6.3.0.3
Version: 6.3.0.4
Version: 6.3.0.5
Version: 6.3.0.6
Version: 6.3.0.7

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:39:32.288Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22014096"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Tivoli Monitoring V6",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.3.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.3.0.1"
            },
            {
              "status": "affected",
              "version": "6.3.0.2"
            },
            {
              "status": "affected",
              "version": "6.3.0.3"
            },
            {
              "status": "affected",
              "version": "6.3.0.4"
            },
            {
              "status": "affected",
              "version": "6.3.0.5"
            },
            {
              "status": "affected",
              "version": "6.3.0.6"
            },
            {
              "status": "affected",
              "version": "6.3.0.7"
            }
          ]
        }
      ],
      "datePublic": "2018-03-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/A:H/AC:L/AV:N/C:H/I:H/PR:N/S:U/UI:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Access",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-22T11:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22014096"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2018-03-13T00:00:00",
          "ID": "CVE-2017-1789",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Tivoli Monitoring V6",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.2.3"
                          },
                          {
                            "version_value": "6.3.0"
                          },
                          {
                            "version_value": "6.2.3.1"
                          },
                          {
                            "version_value": "6.2.3.2"
                          },
                          {
                            "version_value": "6.2.3.3"
                          },
                          {
                            "version_value": "6.2.3.4"
                          },
                          {
                            "version_value": "6.2.3.5"
                          },
                          {
                            "version_value": "6.3.0.1"
                          },
                          {
                            "version_value": "6.3.0.2"
                          },
                          {
                            "version_value": "6.3.0.3"
                          },
                          {
                            "version_value": "6.3.0.4"
                          },
                          {
                            "version_value": "6.3.0.5"
                          },
                          {
                            "version_value": "6.3.0.6"
                          },
                          {
                            "version_value": "6.3.0.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034."
            }
          ]
        },
        "impact": {
          "cvssv3": {
            "BM": {
              "A": "H",
              "AC": "L",
              "AV": "N",
              "C": "H",
              "I": "H",
              "PR": "N",
              "S": "U",
              "UI": "N"
            }
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Access"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22014096",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22014096"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1789",
    "datePublished": "2018-03-22T12:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T22:35:36.871Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-1182

Vulnerability from cvelistv5

Published

2017-07-14 13:00

Modified

2024-09-16 19:04

Severity ?

Summary

IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/123493	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22003402	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1038913	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

Version: 6.2.3.5
Version: 6.2.2.9
Version: 6.3.0.7

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:25:17.407Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
          },
          {
            "name": "1038913",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038913"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Tivoli Monitoring V6",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.2.9"
            },
            {
              "status": "affected",
              "version": "6.3.0.7"
            }
          ]
        }
      ],
      "datePublic": "2017-07-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-18T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
        },
        {
          "name": "1038913",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038913"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-07-12T00:00:00",
          "ID": "CVE-2017-1182",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Tivoli Monitoring V6",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.2.3.5"
                          },
                          {
                            "version_value": "6.2.2.9"
                          },
                          {
                            "version_value": "6.3.0.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22003402",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
            },
            {
              "name": "1038913",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038913"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1182",
    "datePublished": "2017-07-14T13:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T19:04:42.739Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-0576

Vulnerability from cvelistv5

Published

2013-05-28 15:00

Modified

2024-08-06 14:33

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise Portal browser client in IBM Tivoli Monitoring 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/83328	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV32812	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg21634920	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:33:05.500Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-tivoli-cve20130576-xss(83328)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83328"
          },
          {
            "name": "IV32812",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV32812"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21634920"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-05-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise Portal browser client in IBM Tivoli Monitoring 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-tivoli-cve20130576-xss(83328)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83328"
        },
        {
          "name": "IV32812",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV32812"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21634920"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-0576",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise Portal browser client in IBM Tivoli Monitoring 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-tivoli-cve20130576-xss(83328)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83328"
            },
            {
              "name": "IV32812",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV32812"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21634920",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21634920"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-0576",
    "datePublished": "2013-05-28T15:00:00",
    "dateReserved": "2012-12-16T00:00:00",
    "dateUpdated": "2024-08-06T14:33:05.500Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4821

Vulnerability from cvelistv5

Published

2013-01-11 00:00

Modified

2024-08-06 20:50

Severity ?

Summary

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/78765	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	x_refsource_CONFIRM
	http://seclists.org/bugtraq/2012/Sep/38	mailing-list, x_refsource_BUGTRAQ
	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/55495	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	x_refsource_CONFIRM
	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2012-1467.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	x_refsource_CONFIRM
	http://secunia.com/advisories/51634	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	x_refsource_CONFIRM
	http://secunia.com/advisories/51326	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:50:16.927Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
          },
          {
            "name": "ibm-java-gdm-sa-ce(78765)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
          },
          {
            "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2012/Sep/38"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
          },
          {
            "name": "IV29659",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
          },
          {
            "name": "55495",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55495"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
          },
          {
            "name": "RHSA-2012:1467",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
          },
          {
            "name": "51634",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51634"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
          },
          {
            "name": "51326",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51326"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via \"insecure use\" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
        },
        {
          "name": "ibm-java-gdm-sa-ce(78765)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
        },
        {
          "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2012/Sep/38"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
        },
        {
          "name": "IV29659",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
        },
        {
          "name": "55495",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55495"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
        },
        {
          "name": "RHSA-2012:1467",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
        },
        {
          "name": "51634",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51634"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
        },
        {
          "name": "51326",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51326"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-4821",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via \"insecure use\" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
            },
            {
              "name": "ibm-java-gdm-sa-ce(78765)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
            },
            {
              "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
              "refsource": "BUGTRAQ",
              "url": "http://seclists.org/bugtraq/2012/Sep/38"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
            },
            {
              "name": "IV29659",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
            },
            {
              "name": "55495",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/55495"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
            },
            {
              "name": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546",
              "refsource": "CONFIRM",
              "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
            },
            {
              "name": "RHSA-2012:1467",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
            },
            {
              "name": "51634",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51634"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
            },
            {
              "name": "51326",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51326"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-4821",
    "datePublished": "2013-01-11T00:00:00",
    "dateReserved": "2012-09-06T00:00:00",
    "dateUpdated": "2024-08-06T20:50:16.927Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4820

Vulnerability from cvelistv5

Published

2013-01-11 00:00

Modified

2024-08-06 20:50

Severity ?

Summary

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to "insecure use of the java.lang.reflect.Method invoke() method."

References

▼	URL	Tags
	http://rhn.redhat.com/errata/RHSA-2012-1466.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	x_refsource_CONFIRM
	http://seclists.org/bugtraq/2012/Sep/38	mailing-list, x_refsource_BUGTRAQ
	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/55495	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg21631786	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	x_refsource_CONFIRM
	http://secunia.com/advisories/51327	third-party-advisory, x_refsource_SECUNIA
	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/78764	vdb-entry, x_refsource_XF
	http://rhn.redhat.com/errata/RHSA-2012-1467.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2012-1465.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/51328	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	x_refsource_CONFIRM
	http://secunia.com/advisories/51634	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/51393	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/51326	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:50:17.367Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2012:1466",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
          },
          {
            "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2012/Sep/38"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "55495",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55495"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
          },
          {
            "name": "51327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51327"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
          },
          {
            "name": "ibm-java-invoke-code-execution(78764)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
          },
          {
            "name": "RHSA-2012:1467",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
          },
          {
            "name": "RHSA-2012:1465",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
          },
          {
            "name": "51328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
          },
          {
            "name": "51634",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51634"
          },
          {
            "name": "IV29654",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "name": "51393",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51393"
          },
          {
            "name": "51326",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51326"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to \"insecure use of the java.lang.reflect.Method invoke() method.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "RHSA-2012:1466",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
        },
        {
          "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2012/Sep/38"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "55495",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55495"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
        },
        {
          "name": "51327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51327"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
        },
        {
          "name": "ibm-java-invoke-code-execution(78764)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
        },
        {
          "name": "RHSA-2012:1467",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
        },
        {
          "name": "RHSA-2012:1465",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
        },
        {
          "name": "51328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
        },
        {
          "name": "51634",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51634"
        },
        {
          "name": "IV29654",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "name": "51393",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51393"
        },
        {
          "name": "51326",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51326"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-4820",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to \"insecure use of the java.lang.reflect.Method invoke() method.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2012:1466",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
            },
            {
              "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
              "refsource": "BUGTRAQ",
              "url": "http://seclists.org/bugtraq/2012/Sep/38"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "55495",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/55495"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
            },
            {
              "name": "51327",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51327"
            },
            {
              "name": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546",
              "refsource": "CONFIRM",
              "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
            },
            {
              "name": "ibm-java-invoke-code-execution(78764)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
            },
            {
              "name": "RHSA-2012:1467",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
            },
            {
              "name": "RHSA-2012:1465",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
            },
            {
              "name": "51328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
            },
            {
              "name": "51634",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51634"
            },
            {
              "name": "IV29654",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "51393",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51393"
            },
            {
              "name": "51326",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51326"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-4820",
    "datePublished": "2013-01-11T00:00:00",
    "dateReserved": "2012-09-06T00:00:00",
    "dateUpdated": "2024-08-06T20:50:17.367Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-6083

Vulnerability from cvelistv5

Published

2017-06-27 16:00

Modified

2024-08-06 01:22

Severity ?

Summary

IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696.

References

▼	URL	Tags
	http://www.ibm.com/support/docview.wss?uid=swg22000909	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/117696	x_refsource_MISC
	http://www.securityfocus.com/bid/99259	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

Version: 6.2.2
Version: 6.2.3
Version: 6.3.0
Version: 6.2.3.1
Version: 6.2.3.2
Version: 6.2.3.3
Version: 6.2.3.4
Version: 6.2.3.5
Version: 6.3
Version: 6.3.0.1
Version: 6.3.0.2
Version: 6.3.0.3
Version: 6.3.0.4
Version: 6.3.0.5
Version: 6.3.0.6
Version: 6.2.2.2
Version: 6.2.2.3
Version: 6.2.2.4
Version: 6.2.2.5
Version: 6.2.2.6
Version: 6.2.2.7
Version: 6.2.2.8
Version: 6.2.2.9
Version: 6.3.0.7

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:22:19.711Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22000909"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696"
          },
          {
            "name": "99259",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99259"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Tivoli Monitoring V6",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.2"
            },
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.3.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.3.0.1"
            },
            {
              "status": "affected",
              "version": "6.3.0.2"
            },
            {
              "status": "affected",
              "version": "6.3.0.3"
            },
            {
              "status": "affected",
              "version": "6.3.0.4"
            },
            {
              "status": "affected",
              "version": "6.3.0.5"
            },
            {
              "status": "affected",
              "version": "6.3.0.6"
            },
            {
              "status": "affected",
              "version": "6.2.2.2"
            },
            {
              "status": "affected",
              "version": "6.2.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.2.4"
            },
            {
              "status": "affected",
              "version": "6.2.2.5"
            },
            {
              "status": "affected",
              "version": "6.2.2.6"
            },
            {
              "status": "affected",
              "version": "6.2.2.7"
            },
            {
              "status": "affected",
              "version": "6.2.2.8"
            },
            {
              "status": "affected",
              "version": "6.2.2.9"
            },
            {
              "status": "affected",
              "version": "6.3.0.7"
            }
          ]
        }
      ],
      "datePublic": "2017-03-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Obtain Information",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-28T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22000909"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696"
        },
        {
          "name": "99259",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99259"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2016-6083",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Tivoli Monitoring V6",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.2.2"
                          },
                          {
                            "version_value": "6.2.3"
                          },
                          {
                            "version_value": "6.3.0"
                          },
                          {
                            "version_value": "6.2.3.1"
                          },
                          {
                            "version_value": "6.2.3.2"
                          },
                          {
                            "version_value": "6.2.3.3"
                          },
                          {
                            "version_value": "6.2.3.4"
                          },
                          {
                            "version_value": "6.2.3.5"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.3.0.1"
                          },
                          {
                            "version_value": "6.3.0.2"
                          },
                          {
                            "version_value": "6.3.0.3"
                          },
                          {
                            "version_value": "6.3.0.4"
                          },
                          {
                            "version_value": "6.3.0.5"
                          },
                          {
                            "version_value": "6.3.0.6"
                          },
                          {
                            "version_value": "6.2.2.2"
                          },
                          {
                            "version_value": "6.2.2.3"
                          },
                          {
                            "version_value": "6.2.2.4"
                          },
                          {
                            "version_value": "6.2.2.5"
                          },
                          {
                            "version_value": "6.2.2.6"
                          },
                          {
                            "version_value": "6.2.2.7"
                          },
                          {
                            "version_value": "6.2.2.8"
                          },
                          {
                            "version_value": "6.2.2.9"
                          },
                          {
                            "version_value": "6.3.0.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Obtain Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22000909",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22000909"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696"
            },
            {
              "name": "99259",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99259"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2016-6083",
    "datePublished": "2017-06-27T16:00:00",
    "dateReserved": "2016-06-29T00:00:00",
    "dateUpdated": "2024-08-06T01:22:19.711Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-1635

Vulnerability from cvelistv5

Published

2017-12-13 18:00

Modified

2024-09-16 17:38

Severity ?

Summary

IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/133243	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22010554	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101905	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

Version: 6.2.2
Version: 6.2.2.2
Version: 6.2.2.3
Version: 6.2.2.4
Version: 6.2.2.5
Version: 6.2.2.6
Version: 6.2.2.7
Version: 6.2.2.8
Version: 6.2.2.9

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:39:32.008Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22010554"
          },
          {
            "name": "101905",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101905"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Tivoli Monitoring V6",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.2"
            },
            {
              "status": "affected",
              "version": "6.2.2.2"
            },
            {
              "status": "affected",
              "version": "6.2.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.2.4"
            },
            {
              "status": "affected",
              "version": "6.2.2.5"
            },
            {
              "status": "affected",
              "version": "6.2.2.6"
            },
            {
              "status": "affected",
              "version": "6.2.2.7"
            },
            {
              "status": "affected",
              "version": "6.2.2.8"
            },
            {
              "status": "affected",
              "version": "6.2.2.9"
            }
          ]
        }
      ],
      "datePublic": "2017-11-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-14T10:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22010554"
        },
        {
          "name": "101905",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101905"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-11-17T00:00:00",
          "ID": "CVE-2017-1635",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Tivoli Monitoring V6",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.2.2"
                          },
                          {
                            "version_value": "6.2.2.2"
                          },
                          {
                            "version_value": "6.2.2.3"
                          },
                          {
                            "version_value": "6.2.2.4"
                          },
                          {
                            "version_value": "6.2.2.5"
                          },
                          {
                            "version_value": "6.2.2.6"
                          },
                          {
                            "version_value": "6.2.2.7"
                          },
                          {
                            "version_value": "6.2.2.8"
                          },
                          {
                            "version_value": "6.2.2.9"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22010554",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22010554"
            },
            {
              "name": "101905",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101905"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1635",
    "datePublished": "2017-12-13T18:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T17:38:14.279Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-4311

Vulnerability from cvelistv5

Published

2020-04-23 13:10

Modified

2024-09-16 18:59

Severity ?

7.4 (High) - CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Summary

IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083.

References

▼	URL	Tags
	https://www.ibm.com/support/pages/node/6198358	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/177083	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

Tivoli Monitoring

Version: 6.3.0

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T08:00:06.988Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/pages/node/6198358"
          },
          {
            "name": "ibm-tivoli-cve20204311-code-exec (177083)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Tivoli Monitoring",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.3.0"
            }
          ]
        }
      ],
      "datePublic": "2020-04-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 6.4,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/S:U/UI:N/A:H/C:H/I:H/PR:N/AC:H/E:U/RL:O/RC:C",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-23T13:10:23",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ibm.com/support/pages/node/6198358"
        },
        {
          "name": "ibm-tivoli-cve20204311-code-exec (177083)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2020-04-22T00:00:00",
          "ID": "CVE-2020-4311",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Tivoli Monitoring",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.3.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083."
            }
          ]
        },
        "impact": {
          "cvssv3": {
            "BM": {
              "A": "H",
              "AC": "H",
              "AV": "L",
              "C": "H",
              "I": "H",
              "PR": "N",
              "S": "U",
              "UI": "N"
            },
            "TM": {
              "E": "U",
              "RC": "C",
              "RL": "O"
            }
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.ibm.com/support/pages/node/6198358",
              "refsource": "CONFIRM",
              "title": "IBM Security Bulletin 6198358 (Tivoli Monitoring)",
              "url": "https://www.ibm.com/support/pages/node/6198358"
            },
            {
              "name": "ibm-tivoli-cve20204311-code-exec (177083)",
              "refsource": "XF",
              "title": "X-Force Vulnerability Report",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2020-4311",
    "datePublished": "2020-04-23T13:10:23.928628Z",
    "dateReserved": "2019-12-30T00:00:00",
    "dateUpdated": "2024-09-16T18:59:33.454Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-5003

Vulnerability from cvelistv5

Published

2016-01-03 02:00

Modified

2024-08-06 06:32

Severity ?

Summary

The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 before FP7 allows remote authenticated users to execute arbitrary commands by leveraging Take Action view authority and providing crafted input.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV77742	vendor-advisory, x_refsource_AIXAPAR
	http://www.securitytracker.com/id/1034924	vdb-entry, x_refsource_SECTRACK
	http://www-01.ibm.com/support/docview.wss?uid=swg21970361	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:32:31.547Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IV77742",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV77742"
          },
          {
            "name": "1034924",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034924"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970361"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-11-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 before FP7 allows remote authenticated users to execute arbitrary commands by leveraging Take Action view authority and providing crafted input."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-02T20:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "IV77742",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV77742"
        },
        {
          "name": "1034924",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034924"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970361"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2015-5003",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 before FP7 allows remote authenticated users to execute arbitrary commands by leveraging Take Action view authority and providing crafted input."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IV77742",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV77742"
            },
            {
              "name": "1034924",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034924"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21970361",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970361"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2015-5003",
    "datePublished": "2016-01-03T02:00:00",
    "dateReserved": "2015-06-24T00:00:00",
    "dateUpdated": "2024-08-06T06:32:31.547Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-7411

Vulnerability from cvelistv5

Published

2016-03-12 02:00

Modified

2024-08-06 07:51

Severity ?

Summary

The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1035240	vdb-entry, x_refsource_SECTRACK
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV77992	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg21973559	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:51:27.224Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1035240",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035240"
          },
          {
            "name": "IV77992",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV77992"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973559"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-01T15:57:02",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "1035240",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035240"
        },
        {
          "name": "IV77992",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV77992"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973559"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2015-7411",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1035240",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035240"
            },
            {
              "name": "IV77992",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV77992"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21973559",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973559"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2015-7411",
    "datePublished": "2016-03-12T02:00:00",
    "dateReserved": "2015-09-29T00:00:00",
    "dateUpdated": "2024-08-06T07:51:27.224Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-0548

Vulnerability from cvelistv5

Published

2013-06-21 17:00

Modified

2024-08-06 14:33

Severity ?

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg21635080	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg21640752	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/82767	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:33:05.109Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IV40115",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
          },
          {
            "name": "IV30187",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
          },
          {
            "name": "IV27192",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
          },
          {
            "name": "IV40116",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
          },
          {
            "name": "itm-cve20130548-xss(82767)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82767"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-06-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "IV40115",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
        },
        {
          "name": "IV30187",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
        },
        {
          "name": "IV27192",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
        },
        {
          "name": "IV40116",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
        },
        {
          "name": "itm-cve20130548-xss(82767)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82767"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-0548",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IV40115",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
            },
            {
              "name": "IV30187",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
            },
            {
              "name": "IV27192",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
            },
            {
              "name": "IV40116",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
            },
            {
              "name": "itm-cve20130548-xss(82767)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82767"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-0548",
    "datePublished": "2013-06-21T17:00:00",
    "dateReserved": "2012-12-16T00:00:00",
    "dateUpdated": "2024-08-06T14:33:05.109Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-6141

Vulnerability from cvelistv5

Published

2015-02-02 01:00

Modified

2024-08-06 12:10

Severity ?

Summary

IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21690932	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/96911	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:10:12.181Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690932"
          },
          {
            "name": "ibm-itm-cve20146141-sec-bypass(96911)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96911"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T15:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690932"
        },
        {
          "name": "ibm-itm-cve20146141-sec-bypass(96911)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96911"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-6141",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21690932",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690932"
            },
            {
              "name": "ibm-itm-cve20146141-sec-bypass(96911)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96911"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-6141",
    "datePublished": "2015-02-02T01:00:00",
    "dateReserved": "2014-09-02T00:00:00",
    "dateUpdated": "2024-08-06T12:10:12.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-2946

Vulnerability from cvelistv5

Published

2016-12-01 11:00

Modified

2024-08-05 23:40

Severity ?

Summary

Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV85845	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg21984578	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/92389	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

Version: n/a

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:40:13.861Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IV85845",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV85845"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984578"
          },
          {
            "name": "92389",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/92389"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-01T10:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "IV85845",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV85845"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984578"
        },
        {
          "name": "92389",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/92389"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2016-2946",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IV85845",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV85845"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21984578",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984578"
            },
            {
              "name": "92389",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/92389"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2016-2946",
    "datePublished": "2016-12-01T11:00:00",
    "dateReserved": "2016-03-09T00:00:00",
    "dateUpdated": "2024-08-05T23:40:13.861Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd

Published

2017-06-27 16:29

Modified

2024-11-21 02:55

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22000909	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/99259	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/117696	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22000909	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99259	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/117696	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.0
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.0
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	tivoli_monitoring	6.2.3.3
ibm	tivoli_monitoring	6.2.3.4
ibm	tivoli_monitoring	6.2.3.5
ibm	tivoli_monitoring	6.3.0
ibm	tivoli_monitoring	6.3.0.1
ibm	tivoli_monitoring	6.3.0.2
ibm	tivoli_monitoring	6.3.0.3
ibm	tivoli_monitoring	6.3.0.4
ibm	tivoli_monitoring	6.3.0.5
ibm	tivoli_monitoring	6.3.0.6
ibm	tivoli_monitoring	6.3.0.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C6368EC-1103-419B-8A11-14443501B435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E58E2E4-ADA3-4189-BE8C-1943CDEA7791",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F1EEA0F-0501-4316-BD33-ECF44BDD9008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBDE2E0B-6F98-4289-A3AF-EF4105782C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A9F4C32-6077-475E-A285-F98A0336C53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0355309B-CCBF-49EA-BE50-7B8E9B637473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C781C7-70D8-44EA-8847-54815053A092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F409ECF-2033-49E0-9599-DD827CD4DB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9C84EAD-BA6A-45B8-A628-2E5003E87778",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "00506901-696A-4EC1-B560-08BBDCBB41CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7484661E-4906-4027-B4B7-9AA952661923",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696."
    },
    {
      "lang": "es",
      "value": "IBM Tivoli Monitoring V6 podr\u00eda permitir a un usuario no autenticado acceder a consultas SOAP que podr\u00edan contener informaci\u00f3n confidencial. IBM X-Force ID: 117696."
    }
  ],
  "id": "CVE-2016-6083",
  "lastModified": "2024-11-21T02:55:25.477",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-27T16:29:00.213",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22000909"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99259"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22000909"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99259"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2012-12-08 15:55

Modified

2024-11-21 01:40

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the embedded HTTP server in the Service Console in IBM Tivoli Monitoring 6.2.2 before 6.2.2-TIV-ITM-FP0009 and 6.3.2 before 6.2.3-TIV-ITM-FP0001 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.

References

URL	Tags
psirt@us.ibm.com	http://www.securitytracker.com/id?1027850
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/77291
psirt@us.ibm.com	https://www.ibm.com/support/docview.wss?uid=swg21618972	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1027850
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/77291
af854a3a-2127-422b-91ae-364da2661108	https://www.ibm.com/support/docview.wss?uid=swg21618972	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	tivoli_monitoring	6.2.2
	ibm	tivoli_monitoring	6.2.3

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the embedded HTTP server in the Service Console in IBM Tivoli Monitoring 6.2.2 before 6.2.2-TIV-ITM-FP0009 and 6.3.2 before 6.2.3-TIV-ITM-FP0001 allows remote attackers to inject arbitrary web script or HTML via a crafted URI."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en el Service Console en IBM Tivoli Monitoring v6.2.2 anterior a v6.2.2-TIV-ITM-FP0009 y v6.3.2 anterior a v6.2.3-TIV-ITM-FP0001servidor permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de una URI falsificada."
    }
  ],
  "id": "CVE-2012-3297",
  "lastModified": "2024-11-21T01:40:36.350",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-12-08T15:55:00.853",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securitytracker.com/id?1027850"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77291"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/docview.wss?uid=swg21618972"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1027850"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/docview.wss?uid=swg21618972"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-04-23 15:15

Modified

2024-11-21 05:32

Severity ?

7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083.

References

URL	Tags
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/177083	VDB Entry, Vendor Advisory
psirt@us.ibm.com	https://www.ibm.com/support/pages/node/6198358	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/177083	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ibm.com/support/pages/node/6198358	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	tivoli_monitoring	6.3.0

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBDE2E0B-6F98-4289-A3AF-EF4105782C7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083."
    },
    {
      "lang": "es",
      "value": "IBM Tivoli Monitoring versi\u00f3n 6.3.0, podr\u00eda permitir a un atacante local ejecutar c\u00f3digo arbitrario en el sistema. Al colocar un archivo especialmente dise\u00f1ado, un atacante podr\u00eda explotar esta vulnerabilidad para cargar otros archivos DLL localizados en el mismo directorio y ejecutar c\u00f3digo arbitrario en el sistema. ID de IBM X-Force: 177083."
    }
  ],
  "id": "CVE-2020-4311",
  "lastModified": "2024-11-21T05:32:34.253",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.4,
        "impactScore": 5.9,
        "source": "psirt@us.ibm.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-04-23T15:15:14.780",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/pages/node/6198358"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/pages/node/6198358"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-732"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-03-08 19:59

Modified

2024-11-21 02:55

Severity ?

4.6 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Summary

IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223.

References

▼	URL	Tags
	psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg21997223	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21997223	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	tivoli_monitoring	6.2.3.3
ibm	tivoli_monitoring	6.2.3.4
ibm	tivoli_monitoring	6.2.3.5
ibm	tivoli_monitoring	6.3.0
ibm	tivoli_monitoring	6.3.0.1
ibm	tivoli_monitoring	6.3.0.2
ibm	tivoli_monitoring	6.3.0.3
ibm	tivoli_monitoring	6.3.0.4
ibm	tivoli_monitoring	6.3.0.5
ibm	tivoli_monitoring	6.3.0.6
ibm	tivoli_monitoring	6.3.0.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C6368EC-1103-419B-8A11-14443501B435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E58E2E4-ADA3-4189-BE8C-1943CDEA7791",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F1EEA0F-0501-4316-BD33-ECF44BDD9008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBDE2E0B-6F98-4289-A3AF-EF4105782C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A9F4C32-6077-475E-A285-F98A0336C53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0355309B-CCBF-49EA-BE50-7B8E9B637473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C781C7-70D8-44EA-8847-54815053A092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F409ECF-2033-49E0-9599-DD827CD4DB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9C84EAD-BA6A-45B8-A628-2E5003E87778",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "00506901-696A-4EC1-B560-08BBDCBB41CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7484661E-4906-4027-B4B7-9AA952661923",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223."
    },
    {
      "lang": "es",
      "value": "IBM Tivoli Monitoring 6.2 y 6.3 es vulnerable a posibles ataques de inyecci\u00f3n de encabezado de host que podr\u00eda conducir a envenenamiento de cach\u00e9 HTTP o elusi\u00f3n del firewall. Referencia IBM #: 1997223."
    }
  ],
  "id": "CVE-2016-5933",
  "lastModified": "2024-11-21T02:55:14.047",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-03-08T19:59:00.190",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21997223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21997223"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-254"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-06-21 17:55

Modified

2024-11-21 01:47

Severity ?

Summary

The Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to cause a denial of service (abend) via a crafted URL.

References

▼	URL	Tags
	psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192
	psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187
	psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115
	psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116
	psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21635080
	psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21640752
	psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/82768
	af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192
	af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187
	af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115
	af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116
	af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21635080
	af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21640752
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/82768

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	application_manager_for_smart_business	1.2.1

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:application_manager_for_smart_business:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A543A0CA-85DE-4277-9E2D-E1323CBC490D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to cause a denial of service (abend) via a crafted URL."
    },
    {
      "lang": "es",
      "value": "El componente Basic Services en IBM Tivoli Monitoring (ITM) v6.2.0 hasta FP3, v6.2.1 hasta FP4, v6.2.2 hasta FP9, y v6.2.3 hasta FP3, como se utilizaba en IBM Application Manager para Smart Business (Tivoli Foundations Application Manager) v1.2.1 anterior a v1.2.1.0-TIV-IAMSB-FP0004 y otros productos, permite a atacates remotos causar unad enegaci\u00f3n de servicio mediante una URL especialmente dise\u00f1ada."
    }
  ],
  "id": "CVE-2013-0551",
  "lastModified": "2024-11-21T01:47:45.970",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-06-21T17:55:01.163",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82768"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82768"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-09-19 15:29

Modified

2024-11-21 03:22

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039.

References

URL	Tags
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/137039	VDB Entry, Vendor Advisory
psirt@us.ibm.com	https://www.ibm.com/support/docview.wss?uid=swg22014097	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/137039	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ibm.com/support/docview.wss?uid=swg22014097	Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	tivoli_monitoring	*
	ibm	tivoli_monitoring	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "161EFDEA-8E0B-444D-A5E0-B3DB65596813",
              "versionEndIncluding": "6.2.3.5",
              "versionStartIncluding": "6.2.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE2623FD-FF70-4E0A-A808-56C8CB9BB05D",
              "versionEndIncluding": "6.3.0.7",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039."
    },
    {
      "lang": "es",
      "value": "IBM Tivoli Monitoring desde la versi\u00f3n 6.2.3 hasta la 6.2.3.5 y desde la 6.3.0 hasta la 6.3.0.7 es vulnerable a un escalado de privilegios del usuario TEPS y una posible denegaci\u00f3n de servicio (DoS) debido a un crecimiento de memoria sin restricciones. IBM X-Force ID: 137039."
    }
  ],
  "id": "CVE-2017-1794",
  "lastModified": "2024-11-21T03:22:22.610",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "psirt@us.ibm.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-09-19T15:29:01.233",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137039"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/docview.wss?uid=swg22014097"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/docview.wss?uid=swg22014097"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-01-11 00:55

Modified

2024-11-21 01:43

Severity ?

Summary

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to "insecure use [of] multiple methods in the java.lang.class class."

References

URL	Tags
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1465.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1466.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
psirt@us.ibm.com	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51326	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51327	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51328	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51393	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51634	Third Party Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21631786	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/78766	VDB Entry
psirt@us.ibm.com	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1465.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1466.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51326	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51327	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51328	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51393	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51634	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21631786	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/78766	VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	java	*
ibm	java	*
ibm	java	*
ibm	java	*
ibm	lotus_domino	8.0
ibm	lotus_domino	8.0.1
ibm	lotus_domino	8.0.2
ibm	lotus_domino	8.0.2.1
ibm	lotus_domino	8.0.2.2
ibm	lotus_domino	8.0.2.3
ibm	lotus_domino	8.0.2.4
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1
ibm	lotus_domino	8.5.1.2
ibm	lotus_domino	8.5.1.3
ibm	lotus_domino	8.5.1.4
ibm	lotus_domino	8.5.1.5
ibm	lotus_domino	8.5.2.0
ibm	lotus_domino	8.5.2.1
ibm	lotus_domino	8.5.2.2
ibm	lotus_domino	8.5.2.3
ibm	lotus_domino	8.5.2.4
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.4
ibm	lotus_notes_sametime	8.0.80407
ibm	lotus_notes_sametime	8.0.80822
ibm	lotus_notes_sametime	8.5.1.20100709-1631
ibm	lotus_notes_traveler	8.0
ibm	lotus_notes_traveler	8.0.1
ibm	lotus_notes_traveler	8.0.1.2
ibm	lotus_notes_traveler	8.0.1.3
ibm	lotus_notes_traveler	8.5.0.0
ibm	lotus_notes_traveler	8.5.0.1
ibm	lotus_notes_traveler	8.5.0.2
ibm	lotus_notes_traveler	8.5.1.1
ibm	lotus_notes_traveler	8.5.1.2
ibm	lotus_notes_traveler	8.5.1.3
ibm	lotus_notes_traveler	8.5.2.1
ibm	lotus_notes_traveler	8.5.3
ibm	lotus_notes_traveler	8.5.3.1
ibm	lotus_notes_traveler	8.5.3.2
ibm	lotus_notes_traveler	8.5.3.3
ibm	lotus_notes_traveler	8.5.3.3
ibm	rational_change	4.7
ibm	rational_change	5.1
ibm	rational_change	5.2
ibm	rational_change	5.3
ibm	rational_host_on-demand	1.6.0.12
ibm	rational_host_on-demand	8.0.8.0
ibm	rational_host_on-demand	9.0.8.0
ibm	rational_host_on-demand	10.0.9.0
ibm	rational_host_on-demand	10.0.10.0
ibm	rational_host_on-demand	11.0.3.0
ibm	rational_host_on-demand	11.0.4.0
ibm	rational_host_on-demand	11.0.5.0
ibm	rational_host_on-demand	11.0.5.1
ibm	rational_host_on-demand	11.0.6.0
ibm	rational_host_on-demand	11.0.6.1
ibm	service_delivery_manager	7.2.1.0
ibm	service_delivery_manager	7.2.2.0
ibm	smart_analytics_system_5600_software	-
ibm	smart_analytics_system_5600_software	9.7
ibm	tivoli_monitoring	6.1.0
ibm	tivoli_monitoring	6.1.0.7
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.0
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.0
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.0
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	tivoli_remote_control	5.1.2
ibm	websphere_real_time	2.0
ibm	websphere_real_time	3.0
tivoli_storage_productivity_center	5.0	*
tivoli_storage_productivity_center	5.1	*
tivoli_storage_productivity_center	5.1.1	*
ibm	smart_analytics_system_5600	7200

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BA3404-DE06-43A3-8319-31ECA80A8B8B",
              "versionEndIncluding": "1.4.2.13.13",
              "versionStartIncluding": "1.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BEA3D56-2995-42F6-9306-84B9E24AD317",
              "versionEndIncluding": "5.0.14.0",
              "versionStartIncluding": "5.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A59F289-2472-46F7-AD4B-24D9CE59807F",
              "versionEndIncluding": "6.0.11.0",
              "versionStartIncluding": "6.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ABE8021-3E50-4DBF-991F-59BDD301389E",
              "versionEndIncluding": "7.0.2.0",
              "versionStartIncluding": "7.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD6A3A3-6D6C-4EE0-B092-862DB03AC320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D2A467B-72FA-4280-A397-BC9D86D5B012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BAE23EA-8576-4B4E-A6ED-91EB30E3FB6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB384FC6-D343-40F1-B9D3-480217EB97D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4D8B5E-8172-4FC2-9F4F-6FB5D989DE1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*",
              "matchCriteriaId": "62A619D0-A250-41F7-8BC3-37B1507AF37C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E42A69-B549-4904-AC5C-E2053CB38450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2285A0-B3E7-4D41-9D06-796485D39B0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0D4D6C6-656D-433F-973B-7C0F7FD09428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC57196-D703-407C-9883-58C31C6C4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D25E5860-083C-4D43-945C-AB068BFF624B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41ECC63-45B0-4011-8906-FF4DC825DA50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB76CF67-767D-4A30-BB3F-2F44D80BC609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "521A5B6F-D214-4181-915B-CE1AF1F90397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*",
              "matchCriteriaId": "87F9AF9E-E7EA-44DF-AD03-0D28CC105EC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD723C24-48AA-480F-93A5-064F9D4D75F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCFCA2C-1594-4FE3-BE4D-B9407A1BC1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "323418E3-6CDF-4E84-8D3C-324BFE95DD4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F08AFD22-F720-4683-9444-012722E5E979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9114377-B995-419A-A566-4CFD06715298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAFD73FB-2F37-4B0D-A967-B6DD8500A273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E0D1AE7-63C6-4E66-90EB-9FB1ED71FC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16CAC644-C915-46BF-88C3-6792304B7CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9B4EA6D-BA41-4170-B4EC-6850ACA98344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "39AD3F53-55F2-451D-8A56-9B7B96F19AD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8ABC05-561E-43D7-B408-BED36676C6B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF30EFD9-12DD-4D2E-A087-66C008CF4338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F20944-2611-41DC-8470-F267EA09A66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A57406-18F3-4F9E-A6C1-72DB1B0D0F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDC30B5-78D0-4F0F-9F85-96B85026F33F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB5888AC-B251-4DE4-95E8-56385429343E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA27B37-E411-496D-B23B-C8F8B9F95239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A24824E-7091-41EA-A994-67DB0BAFF592",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C04EBD9-A8CD-498E-9724-848BBF4C13FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE417DBB-F699-4B0C-93E4-F2A96E60A42C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "503B5597-B95E-4F8F-BCB6-B303D378F5CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3BFA6A7-DA21-4DB1-829E-6CBF15AE19B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2487821D-BB7A-4574-A98B-B37604CD4654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E541FE5B-2147-4340-85BE-C6A23E64F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1EFAA15-C456-45A5-8B60-5CCF0CF0029B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B783E88-2CDB-47B9-8F2F-126E60EA42CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:smart_analytics_system_5600:7200:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9B9B97-8A48-4202-A48B-092585DDE4F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to \"insecure use [of] multiple methods in the java.lang.class class.\""
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades no especificadas en el componente JRE en IBM Java 7 SR2 y anteriores, Java v6.0.1 SR3 y anteriores, Java 6 SR11 y anteriores, Java 5 SR14 y anteriores, y Java 142 SR13 FP13 y anteriores; como las usadas en IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control v5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, y Service Deliver Manager; y otros productos de otros vendedores como Red Hat, permite a atacantes remotos a ejecutar c\u00f3digoa trav\u00e9s de vectores relacionados con \"uso inseguro de uso [de] m\u00e9todos m\u00faltiples en la clase java.lang.class class.\""
    }
  ],
  "id": "CVE-2012-4822",
  "lastModified": "2024-11-21T01:43:33.843",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-01-11T00:55:01.087",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51327"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51328"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51393"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51393"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-01-11 00:55

Modified

2024-11-21 01:43

Severity ?

Summary

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.

References

URL	Tags
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
psirt@us.ibm.com	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51326	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51634	Third Party Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/78765	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51326	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51634	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/78765	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	java	*
ibm	java	*
ibm	java	*
ibm	java	*
ibm	lotus_domino	8.0
ibm	lotus_domino	8.0.1
ibm	lotus_domino	8.0.2
ibm	lotus_domino	8.0.2.1
ibm	lotus_domino	8.0.2.2
ibm	lotus_domino	8.0.2.3
ibm	lotus_domino	8.0.2.4
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1
ibm	lotus_domino	8.5.1.2
ibm	lotus_domino	8.5.1.3
ibm	lotus_domino	8.5.1.4
ibm	lotus_domino	8.5.1.5
ibm	lotus_domino	8.5.2.0
ibm	lotus_domino	8.5.2.1
ibm	lotus_domino	8.5.2.2
ibm	lotus_domino	8.5.2.3
ibm	lotus_domino	8.5.2.4
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.4
ibm	lotus_notes_sametime	8.0.80407
ibm	lotus_notes_sametime	8.0.80822
ibm	lotus_notes_sametime	8.5.1.20100709-1631
ibm	lotus_notes_traveler	8.0
ibm	lotus_notes_traveler	8.0.1
ibm	lotus_notes_traveler	8.0.1.2
ibm	lotus_notes_traveler	8.0.1.3
ibm	lotus_notes_traveler	8.5.0.0
ibm	lotus_notes_traveler	8.5.0.1
ibm	lotus_notes_traveler	8.5.0.2
ibm	lotus_notes_traveler	8.5.1.1
ibm	lotus_notes_traveler	8.5.1.2
ibm	lotus_notes_traveler	8.5.1.3
ibm	lotus_notes_traveler	8.5.2.1
ibm	lotus_notes_traveler	8.5.3
ibm	lotus_notes_traveler	8.5.3.1
ibm	lotus_notes_traveler	8.5.3.2
ibm	lotus_notes_traveler	8.5.3.3
ibm	lotus_notes_traveler	8.5.3.3
ibm	rational_change	4.7
ibm	rational_change	5.1
ibm	rational_change	5.2
ibm	rational_change	5.3
ibm	rational_host_on-demand	1.6.0.12
ibm	rational_host_on-demand	8.0.8.0
ibm	rational_host_on-demand	9.0.8.0
ibm	rational_host_on-demand	10.0.9.0
ibm	rational_host_on-demand	10.0.10.0
ibm	rational_host_on-demand	11.0.3.0
ibm	rational_host_on-demand	11.0.4.0
ibm	rational_host_on-demand	11.0.5.0
ibm	rational_host_on-demand	11.0.5.1
ibm	rational_host_on-demand	11.0.6.0
ibm	rational_host_on-demand	11.0.6.1
ibm	service_delivery_manager	7.2.1.0
ibm	service_delivery_manager	7.2.2.0
ibm	smart_analytics_system_5600_software	-
ibm	smart_analytics_system_5600_software	9.7
ibm	tivoli_monitoring	6.1.0
ibm	tivoli_monitoring	6.1.0.7
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.0
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.0
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.0
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	tivoli_remote_control	5.1.2
ibm	websphere_real_time	2.0
ibm	websphere_real_time	3.0
tivoli_storage_productivity_center	5.0	*
tivoli_storage_productivity_center	5.1	*
tivoli_storage_productivity_center	5.1.1	*
ibm	smart_analytics_system_5600	7200

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BA3404-DE06-43A3-8319-31ECA80A8B8B",
              "versionEndIncluding": "1.4.2.13.13",
              "versionStartIncluding": "1.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BEA3D56-2995-42F6-9306-84B9E24AD317",
              "versionEndIncluding": "5.0.14.0",
              "versionStartIncluding": "5.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A59F289-2472-46F7-AD4B-24D9CE59807F",
              "versionEndIncluding": "6.0.11.0",
              "versionStartIncluding": "6.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ABE8021-3E50-4DBF-991F-59BDD301389E",
              "versionEndIncluding": "7.0.2.0",
              "versionStartIncluding": "7.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD6A3A3-6D6C-4EE0-B092-862DB03AC320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D2A467B-72FA-4280-A397-BC9D86D5B012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BAE23EA-8576-4B4E-A6ED-91EB30E3FB6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB384FC6-D343-40F1-B9D3-480217EB97D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4D8B5E-8172-4FC2-9F4F-6FB5D989DE1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*",
              "matchCriteriaId": "62A619D0-A250-41F7-8BC3-37B1507AF37C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E42A69-B549-4904-AC5C-E2053CB38450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2285A0-B3E7-4D41-9D06-796485D39B0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0D4D6C6-656D-433F-973B-7C0F7FD09428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC57196-D703-407C-9883-58C31C6C4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D25E5860-083C-4D43-945C-AB068BFF624B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41ECC63-45B0-4011-8906-FF4DC825DA50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB76CF67-767D-4A30-BB3F-2F44D80BC609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "521A5B6F-D214-4181-915B-CE1AF1F90397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*",
              "matchCriteriaId": "87F9AF9E-E7EA-44DF-AD03-0D28CC105EC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD723C24-48AA-480F-93A5-064F9D4D75F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCFCA2C-1594-4FE3-BE4D-B9407A1BC1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "323418E3-6CDF-4E84-8D3C-324BFE95DD4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F08AFD22-F720-4683-9444-012722E5E979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9114377-B995-419A-A566-4CFD06715298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAFD73FB-2F37-4B0D-A967-B6DD8500A273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E0D1AE7-63C6-4E66-90EB-9FB1ED71FC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16CAC644-C915-46BF-88C3-6792304B7CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9B4EA6D-BA41-4170-B4EC-6850ACA98344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "39AD3F53-55F2-451D-8A56-9B7B96F19AD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8ABC05-561E-43D7-B408-BED36676C6B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF30EFD9-12DD-4D2E-A087-66C008CF4338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F20944-2611-41DC-8470-F267EA09A66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A57406-18F3-4F9E-A6C1-72DB1B0D0F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDC30B5-78D0-4F0F-9F85-96B85026F33F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB5888AC-B251-4DE4-95E8-56385429343E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA27B37-E411-496D-B23B-C8F8B9F95239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A24824E-7091-41EA-A994-67DB0BAFF592",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C04EBD9-A8CD-498E-9724-848BBF4C13FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE417DBB-F699-4B0C-93E4-F2A96E60A42C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "503B5597-B95E-4F8F-BCB6-B303D378F5CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3BFA6A7-DA21-4DB1-829E-6CBF15AE19B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2487821D-BB7A-4574-A98B-B37604CD4654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E541FE5B-2147-4340-85BE-C6A23E64F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1EFAA15-C456-45A5-8B60-5CCF0CF0029B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B783E88-2CDB-47B9-8F2F-126E60EA42CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:smart_analytics_system_5600:7200:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9B9B97-8A48-4202-A48B-092585DDE4F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via \"insecure use\" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades no especificadas en el componente JRE en IBM Java 7 SR2 y anteriores, Java v6.0.1 SR3 y anteriores, Java 6 SR11 y anteriores, Java 5 SR14 y anteriores, y Java 142 SR13 FP13 y anteriores; como las usadas en IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control v5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, y Service Deliver Manager; y otros productos de otros vendedores como Red Hat, permite a atacantes remotos a ejecutar c\u00f3digo trav\u00e9s de vectores relacionados con \"uso inseguro\" de m\u00e9todos (1) java.lang.Class getDeclaredMethods o (2) java.lang.reflect.AccessibleObject setAccessible()."
    }
  ],
  "id": "CVE-2012-4821",
  "lastModified": "2024-11-21T01:43:33.683",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-01-11T00:55:01.027",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-01-03 05:59

Modified

2024-11-21 02:32

Severity ?

8.5 (High) - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 before FP7 allows remote authenticated users to execute arbitrary commands by leveraging Take Action view authority and providing crafted input.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV77742
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21970361	Vendor Advisory
psirt@us.ibm.com	http://www.securitytracker.com/id/1034924
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV77742
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21970361	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034924

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.3.0

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBDE2E0B-6F98-4289-A3AF-EF4105782C7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 before FP7 allows remote authenticated users to execute arbitrary commands by leveraging Take Action view authority and providing crafted input."
    },
    {
      "lang": "es",
      "value": "El portal en IBM Tivoli Monitoring (ITM) 6.2.2 hasta la versi\u00f3n FP9, 6.2.3 hasta la versi\u00f3n FP5 y 6.3.0 en versiones anteriores a FP7 permite a usuarios remotos autenticados ejecutar comandos arbitrarios aprovechando la autoridad de la vista Take Action y proveyendo una entrada manipulada."
    }
  ],
  "id": "CVE-2015-5003",
  "lastModified": "2024-11-21T02:32:09.423",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.5,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-01-03T05:59:02.663",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV77742"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970361"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securitytracker.com/id/1034924"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV77742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970361"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034924"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2015-02-02 01:59

Modified

2024-11-21 02:13

Severity ?

Summary

IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21690932	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/96911
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21690932	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/96911

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.0
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.0
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.0
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	tivoli_monitoring	6.2.3.3
ibm	tivoli_monitoring	6.2.3.4
ibm	tivoli_monitoring	6.2.3.5
ibm	tivoli_monitoring	6.3.0
ibm	tivoli_monitoring	6.3.0.1
ibm	tivoli_monitoring	6.3.0.2
ibm	tivoli_monitoring	6.3.0.3
ibm	tivoli_monitoring	6.3.0.4

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C6368EC-1103-419B-8A11-14443501B435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E58E2E4-ADA3-4189-BE8C-1943CDEA7791",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F1EEA0F-0501-4316-BD33-ECF44BDD9008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBDE2E0B-6F98-4289-A3AF-EF4105782C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A9F4C32-6077-475E-A285-F98A0336C53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0355309B-CCBF-49EA-BE50-7B8E9B637473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C781C7-70D8-44EA-8847-54815053A092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F409ECF-2033-49E0-9599-DD827CD4DB2A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands."
    },
    {
      "lang": "es",
      "value": "IBM Tivoli Monitoring (ITM) 6.2.0 hasta FP03, 6.2.1 hasta FP04, 6.2.2 hasta FP09, 6.2.3 hasta FP05, y 6.3.0 anterior a FP04 permite a usuarios remotos autenticados evadir las restricciones de acceso y ejecutar comandos arbitrarios mediante el aprovechamiento de la autoridad de visualizaci\u00f3n \u0027Take Action\u0027 para modificar los comandos en proceso."
    }
  ],
  "id": "CVE-2014-6141",
  "lastModified": "2024-11-21T02:13:50.997",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.5,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-02-02T01:59:01.373",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690932"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96911"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-01-11 00:55

Modified

2024-11-21 01:43

Severity ?

Summary

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to "insecure use of the java.lang.ClassLoder defineClass() method."

References

URL	Tags
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1466.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
psirt@us.ibm.com	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51326	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51327	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51634	Third Party Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/78767	VDB Entry
psirt@us.ibm.com	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1466.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51326	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51327	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51634	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/78767	VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	java	*
ibm	java	*
ibm	java	*
ibm	java	*
ibm	lotus_domino	8.0
ibm	lotus_domino	8.0.1
ibm	lotus_domino	8.0.2
ibm	lotus_domino	8.0.2.1
ibm	lotus_domino	8.0.2.2
ibm	lotus_domino	8.0.2.3
ibm	lotus_domino	8.0.2.4
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1
ibm	lotus_domino	8.5.1.2
ibm	lotus_domino	8.5.1.3
ibm	lotus_domino	8.5.1.4
ibm	lotus_domino	8.5.1.5
ibm	lotus_domino	8.5.2.0
ibm	lotus_domino	8.5.2.1
ibm	lotus_domino	8.5.2.2
ibm	lotus_domino	8.5.2.3
ibm	lotus_domino	8.5.2.4
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.4
ibm	lotus_notes_sametime	8.0.80407
ibm	lotus_notes_sametime	8.0.80822
ibm	lotus_notes_sametime	8.5.1.20100709-1631
ibm	lotus_notes_traveler	8.0
ibm	lotus_notes_traveler	8.0.1
ibm	lotus_notes_traveler	8.0.1.2
ibm	lotus_notes_traveler	8.0.1.3
ibm	lotus_notes_traveler	8.5.0.0
ibm	lotus_notes_traveler	8.5.0.1
ibm	lotus_notes_traveler	8.5.0.2
ibm	lotus_notes_traveler	8.5.1.1
ibm	lotus_notes_traveler	8.5.1.2
ibm	lotus_notes_traveler	8.5.1.3
ibm	lotus_notes_traveler	8.5.2.1
ibm	lotus_notes_traveler	8.5.3
ibm	lotus_notes_traveler	8.5.3.1
ibm	lotus_notes_traveler	8.5.3.2
ibm	lotus_notes_traveler	8.5.3.3
ibm	lotus_notes_traveler	8.5.3.3
ibm	rational_change	4.7
ibm	rational_change	5.1
ibm	rational_change	5.2
ibm	rational_change	5.3
ibm	rational_host_on-demand	1.6.0.12
ibm	rational_host_on-demand	8.0.8.0
ibm	rational_host_on-demand	9.0.8.0
ibm	rational_host_on-demand	10.0.9.0
ibm	rational_host_on-demand	10.0.10.0
ibm	rational_host_on-demand	11.0.3.0
ibm	rational_host_on-demand	11.0.4.0
ibm	rational_host_on-demand	11.0.5.0
ibm	rational_host_on-demand	11.0.5.1
ibm	rational_host_on-demand	11.0.6.0
ibm	rational_host_on-demand	11.0.6.1
ibm	service_delivery_manager	7.2.1.0
ibm	service_delivery_manager	7.2.2.0
ibm	smart_analytics_system_5600_software	-
ibm	smart_analytics_system_5600_software	9.7
ibm	tivoli_monitoring	6.1.0
ibm	tivoli_monitoring	6.1.0.7
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.0
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.0
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.0
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	tivoli_remote_control	5.1.2
ibm	websphere_real_time	2.0
ibm	websphere_real_time	3.0
tivoli_storage_productivity_center	5.0	*
tivoli_storage_productivity_center	5.1	*
tivoli_storage_productivity_center	5.1.1	*
ibm	smart_analytics_system_5600	7200

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BA3404-DE06-43A3-8319-31ECA80A8B8B",
              "versionEndIncluding": "1.4.2.13.13",
              "versionStartIncluding": "1.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BEA3D56-2995-42F6-9306-84B9E24AD317",
              "versionEndIncluding": "5.0.14.0",
              "versionStartIncluding": "5.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A59F289-2472-46F7-AD4B-24D9CE59807F",
              "versionEndIncluding": "6.0.11.0",
              "versionStartIncluding": "6.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ABE8021-3E50-4DBF-991F-59BDD301389E",
              "versionEndIncluding": "7.0.2.0",
              "versionStartIncluding": "7.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD6A3A3-6D6C-4EE0-B092-862DB03AC320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D2A467B-72FA-4280-A397-BC9D86D5B012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BAE23EA-8576-4B4E-A6ED-91EB30E3FB6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB384FC6-D343-40F1-B9D3-480217EB97D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4D8B5E-8172-4FC2-9F4F-6FB5D989DE1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*",
              "matchCriteriaId": "62A619D0-A250-41F7-8BC3-37B1507AF37C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E42A69-B549-4904-AC5C-E2053CB38450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2285A0-B3E7-4D41-9D06-796485D39B0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0D4D6C6-656D-433F-973B-7C0F7FD09428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC57196-D703-407C-9883-58C31C6C4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D25E5860-083C-4D43-945C-AB068BFF624B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41ECC63-45B0-4011-8906-FF4DC825DA50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB76CF67-767D-4A30-BB3F-2F44D80BC609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "521A5B6F-D214-4181-915B-CE1AF1F90397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*",
              "matchCriteriaId": "87F9AF9E-E7EA-44DF-AD03-0D28CC105EC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD723C24-48AA-480F-93A5-064F9D4D75F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCFCA2C-1594-4FE3-BE4D-B9407A1BC1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "323418E3-6CDF-4E84-8D3C-324BFE95DD4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F08AFD22-F720-4683-9444-012722E5E979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9114377-B995-419A-A566-4CFD06715298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAFD73FB-2F37-4B0D-A967-B6DD8500A273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E0D1AE7-63C6-4E66-90EB-9FB1ED71FC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16CAC644-C915-46BF-88C3-6792304B7CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9B4EA6D-BA41-4170-B4EC-6850ACA98344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "39AD3F53-55F2-451D-8A56-9B7B96F19AD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8ABC05-561E-43D7-B408-BED36676C6B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF30EFD9-12DD-4D2E-A087-66C008CF4338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F20944-2611-41DC-8470-F267EA09A66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A57406-18F3-4F9E-A6C1-72DB1B0D0F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDC30B5-78D0-4F0F-9F85-96B85026F33F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB5888AC-B251-4DE4-95E8-56385429343E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA27B37-E411-496D-B23B-C8F8B9F95239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A24824E-7091-41EA-A994-67DB0BAFF592",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C04EBD9-A8CD-498E-9724-848BBF4C13FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE417DBB-F699-4B0C-93E4-F2A96E60A42C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "503B5597-B95E-4F8F-BCB6-B303D378F5CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3BFA6A7-DA21-4DB1-829E-6CBF15AE19B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2487821D-BB7A-4574-A98B-B37604CD4654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E541FE5B-2147-4340-85BE-C6A23E64F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1EFAA15-C456-45A5-8B60-5CCF0CF0029B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B783E88-2CDB-47B9-8F2F-126E60EA42CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:smart_analytics_system_5600:7200:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9B9B97-8A48-4202-A48B-092585DDE4F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to \"insecure use of the java.lang.ClassLoder defineClass() method.\""
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad no especificada en el componente JRE de IBM Java 7 SR2 y anteriores, SR3 Java v6.0.1 y anteriores, Java 6 SR11 y anteriores, Java 5 SR14 y anteriores, y Java 142 SR13 FP13 y anteriores, tal y como se utiliza en IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control v5.1.2, WebSphere Real Time, Lotus Notes y Domino, Tivoli Storage Productivity Center y Service Deliver Manager y otros productos de otros fabricantes tales como Red Hat, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores relacionados con el \"uso inseguro del m\u00e9todo defineClass java.lang.ClassLoder().\"\r\n"
    }
  ],
  "id": "CVE-2012-4823",
  "lastModified": "2024-11-21T01:43:34.023",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-01-11T00:55:01.150",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51327"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-02-13 16:15

Modified

2024-11-21 04:43

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647.

References

URL	Tags
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/167647	VDB Entry, Vendor Advisory
psirt@us.ibm.com	https://www.ibm.com/support/pages/node/2278617	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/167647	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.ibm.com/support/pages/node/2278617	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	tivoli_monitoring	*

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69C402C5-DDA4-42FF-BF67-B714C53239C1",
              "versionEndIncluding": "6.3.0.7.10",
              "versionStartIncluding": "6.3.0.7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647."
    },
    {
      "lang": "es",
      "value": "IBM Tivoli Monitoring Service versiones 6.3.0.7.3 hasta 6.3.0.7.10, podr\u00eda permitir a un usuario no autorizado acceder y modificar los aspectos operativos del servidor de monitoreo ITM, conllevando posiblemente a una denegaci\u00f3n del servicio efectiva o la inhabilitaci\u00f3n del servidor de monitoreo. ID de IBM X-Force: 167647."
    }
  ],
  "id": "CVE-2019-4592",
  "lastModified": "2024-11-21T04:43:46.803",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@us.ibm.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-02-13T16:15:12.087",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167647"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/pages/node/2278617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167647"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/pages/node/2278617"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-12-01 11:59

Modified

2024-11-21 02:49

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV85845	Broken Link
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21984578	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/92389	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV85845	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21984578	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/92389	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.3.0
linux	linux_kernel	-

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBDE2E0B-6F98-4289-A3AF-EF4105782C7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en las ax Shared Libraries en el Agent en IBM Tivoli Monitoring (ITM) 6.2.2 en versiones anteriores a FP9, 6.2.3 en versiones anteriores a FP5 y 6.3.0 en versiones anteriores FP2 en Linux y UNIX permite a usuarios locales obtener privilegios a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2016-2946",
  "lastModified": "2024-11-21T02:49:04.417",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-12-01T11:59:00.180",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV85845"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984578"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/92389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV85845"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984578"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/92389"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-07-17 13:18

Modified

2024-11-21 03:21

Severity ?

7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22003402	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securitytracker.com/id/1038913	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/123493	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22003402	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038913	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/123493	VDB Entry, Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3.5
ibm	tivoli_monitoring	6.3.0.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F1EEA0F-0501-4316-BD33-ECF44BDD9008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7484661E-4906-4027-B4B7-9AA952661923",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493."
    },
    {
      "lang": "es",
      "value": "IBM Tivoli Monitoring Portal v6 permite a un atacante local o de una red adyacente ejecutar comando aleatorios en el sistema, cuando las comunicaciones por defecto entre el cliente y el servidor HTTP est\u00e1n siendo usadas. IBM X-Force ID: 123494."
    }
  ],
  "id": "CVE-2017-1182",
  "lastModified": "2024-11-21T03:21:27.520",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 5.5,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T13:18:21.953",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038913"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-01-11 00:55

Modified

2024-11-21 01:43

Severity ?

Summary

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to "insecure use of the java.lang.reflect.Method invoke() method."

References

URL	Tags
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1465.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1466.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
psirt@us.ibm.com	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51326	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51327	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51328	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51393	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51634	Third Party Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21631786	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/78764	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1465.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1466.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51326	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51327	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51328	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51393	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51634	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21631786	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/78764	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	java	*
ibm	java	*
ibm	java	*
ibm	java	*
ibm	lotus_domino	8.0
ibm	lotus_domino	8.0.1
ibm	lotus_domino	8.0.2
ibm	lotus_domino	8.0.2.1
ibm	lotus_domino	8.0.2.2
ibm	lotus_domino	8.0.2.3
ibm	lotus_domino	8.0.2.4
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1
ibm	lotus_domino	8.5.1.2
ibm	lotus_domino	8.5.1.3
ibm	lotus_domino	8.5.1.4
ibm	lotus_domino	8.5.1.5
ibm	lotus_domino	8.5.2.0
ibm	lotus_domino	8.5.2.1
ibm	lotus_domino	8.5.2.2
ibm	lotus_domino	8.5.2.3
ibm	lotus_domino	8.5.2.4
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.4
ibm	lotus_notes_sametime	8.0.80407
ibm	lotus_notes_sametime	8.0.80822
ibm	lotus_notes_sametime	8.5.1.20100709-1631
ibm	lotus_notes_traveler	8.0
ibm	lotus_notes_traveler	8.0.1
ibm	lotus_notes_traveler	8.0.1.2
ibm	lotus_notes_traveler	8.0.1.3
ibm	lotus_notes_traveler	8.5.0.0
ibm	lotus_notes_traveler	8.5.0.1
ibm	lotus_notes_traveler	8.5.0.2
ibm	lotus_notes_traveler	8.5.1.1
ibm	lotus_notes_traveler	8.5.1.2
ibm	lotus_notes_traveler	8.5.1.3
ibm	lotus_notes_traveler	8.5.2.1
ibm	lotus_notes_traveler	8.5.3
ibm	lotus_notes_traveler	8.5.3.1
ibm	lotus_notes_traveler	8.5.3.2
ibm	lotus_notes_traveler	8.5.3.3
ibm	lotus_notes_traveler	8.5.3.3
ibm	rational_change	4.7
ibm	rational_change	5.1
ibm	rational_change	5.2
ibm	rational_change	5.3
ibm	rational_host_on-demand	1.6.0.12
ibm	rational_host_on-demand	8.0.8.0
ibm	rational_host_on-demand	9.0.8.0
ibm	rational_host_on-demand	10.0.9.0
ibm	rational_host_on-demand	10.0.10.0
ibm	rational_host_on-demand	11.0.3.0
ibm	rational_host_on-demand	11.0.4.0
ibm	rational_host_on-demand	11.0.5.0
ibm	rational_host_on-demand	11.0.5.1
ibm	rational_host_on-demand	11.0.6.0
ibm	rational_host_on-demand	11.0.6.1
ibm	service_delivery_manager	7.2.1.0
ibm	service_delivery_manager	7.2.2.0
ibm	smart_analytics_system_5600_software	-
ibm	smart_analytics_system_5600_software	9.7
ibm	tivoli_monitoring	6.1.0
ibm	tivoli_monitoring	6.1.0.7
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.0
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.0
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.0
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	tivoli_remote_control	5.1.2
ibm	websphere_real_time	2.0
ibm	websphere_real_time	3.0
tivoli_storage_productivity_center	5.0	*
tivoli_storage_productivity_center	5.1	*
tivoli_storage_productivity_center	5.1.1	*
ibm	smart_analytics_system_5600	7200

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BA3404-DE06-43A3-8319-31ECA80A8B8B",
              "versionEndIncluding": "1.4.2.13.13",
              "versionStartIncluding": "1.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BEA3D56-2995-42F6-9306-84B9E24AD317",
              "versionEndIncluding": "5.0.14.0",
              "versionStartIncluding": "5.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A59F289-2472-46F7-AD4B-24D9CE59807F",
              "versionEndIncluding": "6.0.11.0",
              "versionStartIncluding": "6.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ABE8021-3E50-4DBF-991F-59BDD301389E",
              "versionEndIncluding": "7.0.2.0",
              "versionStartIncluding": "7.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD6A3A3-6D6C-4EE0-B092-862DB03AC320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D2A467B-72FA-4280-A397-BC9D86D5B012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BAE23EA-8576-4B4E-A6ED-91EB30E3FB6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB384FC6-D343-40F1-B9D3-480217EB97D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4D8B5E-8172-4FC2-9F4F-6FB5D989DE1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*",
              "matchCriteriaId": "62A619D0-A250-41F7-8BC3-37B1507AF37C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E42A69-B549-4904-AC5C-E2053CB38450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2285A0-B3E7-4D41-9D06-796485D39B0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0D4D6C6-656D-433F-973B-7C0F7FD09428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC57196-D703-407C-9883-58C31C6C4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D25E5860-083C-4D43-945C-AB068BFF624B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41ECC63-45B0-4011-8906-FF4DC825DA50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB76CF67-767D-4A30-BB3F-2F44D80BC609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "521A5B6F-D214-4181-915B-CE1AF1F90397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*",
              "matchCriteriaId": "87F9AF9E-E7EA-44DF-AD03-0D28CC105EC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD723C24-48AA-480F-93A5-064F9D4D75F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCFCA2C-1594-4FE3-BE4D-B9407A1BC1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "323418E3-6CDF-4E84-8D3C-324BFE95DD4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F08AFD22-F720-4683-9444-012722E5E979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9114377-B995-419A-A566-4CFD06715298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAFD73FB-2F37-4B0D-A967-B6DD8500A273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E0D1AE7-63C6-4E66-90EB-9FB1ED71FC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16CAC644-C915-46BF-88C3-6792304B7CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9B4EA6D-BA41-4170-B4EC-6850ACA98344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "39AD3F53-55F2-451D-8A56-9B7B96F19AD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8ABC05-561E-43D7-B408-BED36676C6B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF30EFD9-12DD-4D2E-A087-66C008CF4338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F20944-2611-41DC-8470-F267EA09A66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A57406-18F3-4F9E-A6C1-72DB1B0D0F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDC30B5-78D0-4F0F-9F85-96B85026F33F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB5888AC-B251-4DE4-95E8-56385429343E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA27B37-E411-496D-B23B-C8F8B9F95239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A24824E-7091-41EA-A994-67DB0BAFF592",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C04EBD9-A8CD-498E-9724-848BBF4C13FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE417DBB-F699-4B0C-93E4-F2A96E60A42C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "503B5597-B95E-4F8F-BCB6-B303D378F5CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3BFA6A7-DA21-4DB1-829E-6CBF15AE19B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2487821D-BB7A-4574-A98B-B37604CD4654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E541FE5B-2147-4340-85BE-C6A23E64F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1EFAA15-C456-45A5-8B60-5CCF0CF0029B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B783E88-2CDB-47B9-8F2F-126E60EA42CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:smart_analytics_system_5600:7200:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9B9B97-8A48-4202-A48B-092585DDE4F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to \"insecure use of the java.lang.reflect.Method invoke() method.\""
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente JRE en IBM Java 7 SR2 y anteriores, Java v6.0.1 SR3 y anteriores, Java 6 SR11 y anteriores, Java 5 SR14 y anteriores, y Java 142 SR13 FP13 y anteriores; como las usadas en IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control v5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, y Service Deliver Manager; y otros productos de otros vendedores como Red Hat, ejecutandose en un gestor de seguridad, permite a atacantes remotos obtener privilegios modificando o eliminando el gestor de seguridad a trav\u00e9s de vectores relacionados con \"uso inseguro del m\u00e9todo java.lang.reflect.Method invoke()\""
    }
  ],
  "id": "CVE-2012-4820",
  "lastModified": "2024-11-21T01:43:33.500",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-01-11T00:55:00.963",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51327"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51328"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51393"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51393"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-06-21 17:55

Modified

2024-11-21 01:52

Severity ?

Summary

The internal web server in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to perform unspecified redirection of HTTP requests, and bypass the proxy-server configuration, via crafted HTTP traffic.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21635080
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21640752	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/83725
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21635080
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21640752	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/83725

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	application_manager_for_smart_business	1.2.1

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:application_manager_for_smart_business:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A543A0CA-85DE-4277-9E2D-E1323CBC490D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The internal web server in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to perform unspecified redirection of HTTP requests, and bypass the proxy-server configuration, via crafted HTTP traffic."
    },
    {
      "lang": "es",
      "value": "El servidor web interno en el componente Basic Services en IBM Tivoli Monitoring (ITM) v6.2.0 hasta FP3, v6.2.1 hasta FP4, v6.2.2 hasta FP9, y v6.2.3 anterior a FP3, como se utilizaba en IBM Application Manager para Smart Business   (Tivoli Foundations Application Manager) v1.2.1 anterior a v1.2.1.0-TIV-IAMSB-FP0004 y otros productos, permite a atacantes remotos llevar a cabo redirecciones HTTP no especificadas, y eludir la configuraci\u00f3n proxy-server, mediante tr\u00e1fico HTTP especialmente dise\u00f1ado."
    }
  ],
  "id": "CVE-2013-2961",
  "lastModified": "2024-11-21T01:52:45.510",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-06-21T17:55:01.227",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83725"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-03-12 02:59

Modified

2024-11-21 02:36

Severity ?

9.9 (Critical) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV77992
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21973559	Vendor Advisory
psirt@us.ibm.com	http://www.securitytracker.com/id/1035240
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV77992
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21973559	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035240

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.3.0

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBDE2E0B-6F98-4289-A3AF-EF4105782C7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "El portal cliente en IBM Tivoli Monitoring (ITM) 6.2.2 hasta la versi\u00f3n FP9, 6.2.3 hasta la versi\u00f3n FP5 y 6.3.0 hasta la versi\u00f3n FP6 permite a usuarios remotos autenticados obtener privilegios a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2015-7411",
  "lastModified": "2024-11-21T02:36:44.530",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-03-12T02:59:01.517",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV77992"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973559"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securitytracker.com/id/1035240"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV77992"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973559"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035240"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-06-21 17:55

Modified

2024-11-21 01:47

Severity ?

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21635080	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21640752
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/82767
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21635080	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21640752
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/82767

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	application_manager_for_smart_business	1.2.1

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:application_manager_for_smart_business:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A543A0CA-85DE-4277-9E2D-E1323CBC490D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en el componente IBM Tivoli Monitoring (ITM) v6.2.0 hasta FP3, v6.2.1 hasta FP4, v6.2.2 hasta FP9, y v6.2.3 anterior a FP3, como se utilizaba en IBM Application Manager para Smart Application Manager) v1.2.1 anterior a v1.2.1.0-TIV-IAMSB-FP0004 y otros productos, permite a atacantes remotos inyectar  inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2013-0548",
  "lastModified": "2024-11-21T01:47:45.690",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-06-21T17:55:01.133",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82767"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640752"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82767"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-07-17 13:18

Modified

2024-11-21 03:21

Severity ?

7.0 (High) - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22003402	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/99596	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.securitytracker.com/id/1038913	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/123487	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22003402	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99596	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038913	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/123487	VDB Entry, Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3.5
ibm	tivoli_monitoring	6.3.0.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F1EEA0F-0501-4316-BD33-ECF44BDD9008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7484661E-4906-4027-B4B7-9AA952661923",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487."
    },
    {
      "lang": "es",
      "value": "IBM Tivoli Monitoring Portal V6 permite a un atacante local escalar privilegios para IBM Tivoli Monitoring, causando que la conexi\u00f3n por defecto de la consola no sea encriptada. IBM X-Force ID: 123487."
    }
  ],
  "id": "CVE-2017-1181",
  "lastModified": "2024-11-21T03:21:27.410",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.9,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T13:18:21.843",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99596"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038913"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-319"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-12-13 18:29

Modified

2024-11-21 03:22

Severity ?

8.0 (High) - CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22010554	Issue Tracking, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/101905	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/133243	Issue Tracking, VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22010554	Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/101905	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/133243	Issue Tracking, VDB Entry, Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243."
    },
    {
      "lang": "es",
      "value": "IBM Tivoli Monitoring V6 6.2.2.x podr\u00eda permitir que un atacante remoto ejecute c\u00f3digo arbitrario en el sistema, provocado por un error de uso de memoria previamente liberada. Un atacante remoto podr\u00eda explotar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el sistema o provocar que la aplicaci\u00f3n se cierre inesperadamente. IBM X-Force ID: 133243."
    }
  ],
  "id": "CVE-2017-1635",
  "lastModified": "2024-11-21T03:22:10.057",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.2,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 5.1,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-12-13T18:29:00.363",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22010554"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101905"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Issue Tracking",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22010554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-03-22 12:29

Modified

2024-11-21 03:22

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22014096	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/137034	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22014096	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/137034	VDB Entry, Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	tivoli_monitoring	6.2.3.3
ibm	tivoli_monitoring	6.2.3.4
ibm	tivoli_monitoring	6.2.3.5
ibm	tivoli_monitoring	6.3.0
ibm	tivoli_monitoring	6.3.0.1
ibm	tivoli_monitoring	6.3.0.2
ibm	tivoli_monitoring	6.3.0.3
ibm	tivoli_monitoring	6.3.0.4
ibm	tivoli_monitoring	6.3.0.5
ibm	tivoli_monitoring	6.3.0.6
ibm	tivoli_monitoring	6.3.0.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C6368EC-1103-419B-8A11-14443501B435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E58E2E4-ADA3-4189-BE8C-1943CDEA7791",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F1EEA0F-0501-4316-BD33-ECF44BDD9008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBDE2E0B-6F98-4289-A3AF-EF4105782C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A9F4C32-6077-475E-A285-F98A0336C53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0355309B-CCBF-49EA-BE50-7B8E9B637473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C781C7-70D8-44EA-8847-54815053A092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F409ECF-2033-49E0-9599-DD827CD4DB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9C84EAD-BA6A-45B8-A628-2E5003E87778",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "00506901-696A-4EC1-B560-08BBDCBB41CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7484661E-4906-4027-B4B7-9AA952661923",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034."
    },
    {
      "lang": "es",
      "value": "IBM Tivoli Monitoring V6 6.2.3 y 6.3.0 podr\u00eda permitir que un usuario no autenticado ejecute c\u00f3digo de forma remota mediante m\u00e9todos sin especificar. IBM X-Force ID: 137034."
    }
  ],
  "id": "CVE-2017-1789",
  "lastModified": "2024-11-21T03:22:22.007",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "psirt@us.ibm.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-22T12:29:00.503",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22014096"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22014096"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2017-07-17 13:18

Modified

2024-11-21 03:21

Severity ?

7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22003402	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/99610	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.securitytracker.com/id/1038913	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/123494	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22003402	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99610	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038913	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/123494	VDB Entry, Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3.5
ibm	tivoli_monitoring	6.3.0.7

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F1EEA0F-0501-4316-BD33-ECF44BDD9008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7484661E-4906-4027-B4B7-9AA952661923",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494."
    },
    {
      "lang": "es",
      "value": "IBM Tivoli Monitoring Portal v6 permite a un atacante local o de una red adyacente modificar comando SQL al Portal Server, cuando las comunicaciones por defecto entre el cliente y el servidor HTTP est\u00e1n siendo usadas. IBM X-Force ID: 123494."
    }
  ],
  "id": "CVE-2017-1183",
  "lastModified": "2024-11-21T03:21:27.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 5.5,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T13:18:22.047",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99610"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038913"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99610"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-05-28 15:55

Modified

2024-11-21 01:47

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise Portal browser client in IBM Tivoli Monitoring 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV32812
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21634920	Patch, Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/83328
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV32812
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21634920	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/83328

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise Portal browser client in IBM Tivoli Monitoring 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en el navegador cliente Tivoli Enterprise Portal en IBM Tivoli Monitoring v6.2.0 hasta FP03, v6.2.1 hasta FP04, v6.2.2 hasta FP09, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2013-0576",
  "lastModified": "2024-11-21T01:47:47.500",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-05-28T15:55:01.340",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV32812"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21634920"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV32812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21634920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83328"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-06-21 17:55

Modified

2024-11-21 01:52

Severity ?

Summary

Buffer overflow in KDSMAIN in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to cause a denial of service (segmentation fault) via a crafted http URL.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21635080
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21640752	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/83724
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21635080
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21640752	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/83724

Impacted products

Vendor	Product	Version
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	application_manager_for_smart_business	1.2.1