Vulnerability CVE-2014-6194


Published: 2015-02-16   Modified: 2015-02-17

Description:
Directory traversal vulnerability in an unspecified web form in IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX007, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allows remote authenticated users to read arbitrary files via a .. (dot dot) in a pathname.

Type:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

Vendor: IBM
Product: Smartcloud control desk 
Version:
7.5.1.1
7.5.1.0
7.5.0.5
7.5.0.3
7.5.0.2
7.5.0.1
Product: Maximo asset management 
Version:
7.5.0.6
7.5.0.5
7.5.0.4
7.5.0.3
7.5.0.2
7.5.0.10
7.5.0.1
7.5.0.0
7.1.2
7.1.1.9
7.1.1.8
7.1.1.7
7.1.1.6
7.1.1.5
7.1.1.2
7.1.1.13
7.1.1.12
7.1.1.11
7.1.1.10
7.1.1.1
7.1.1
7.1
Product: Maximo asset management essentials 
Version: 7.5.0.0; 7.1;
Product: Maximo for government 
Version: 7.5.0.0; 7.1;
Product: Maximo for life sciences 
Version: 7.5.0.0; 7.1;
Product: Maximo for nuclear power 
Version: 7.5.0.0; 7.1;
Product: Maximo for oil and gas 
Version: 7.5.0.0; 7.1;
Product: Maximo for transportation 
Version: 7.5.0.0; 7.1;
Product: Maximo for utilities 
Version: 7.5.0.0; 7.1;
Product: Change and configuration management database 
Version: 7.2; 7.1;
Product: Tivoli asset management for it 
Version: 7.2; 7.1;
Product: Tivoli service request manager 
Version: 7.2; 7.1;

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

 References:
http://www-01.ibm.com/support/docview.wss?uid=swg21694035
http://xforce.iss.net/xforce/xfdb/98605

Related CVE
CVE-2017-1379
IBM API Connect 5.0.0.0 could allow a remote attacker to obtain sensitive information, caused by improper handling of requests to the Developer Portal. IBM X-Force ID: 127002.
CVE-2017-1197
IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 123672.
CVE-2017-1101
IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...
CVE-2017-1102
IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...
CVE-2017-1104
IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...
CVE-2017-1100
IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...
CVE-2017-1099
IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. IBM X-Force ID: 120659.
CVE-2016-9984
IBM Maximo Asset Management 7.5 and 7.6 could allow a remote authenticated attacker to execute arbitrary commands on the system as administrator. IBM X-Force ID: 120276.

Copyright 2017, cxsecurity.com