Vulnerability CVE-2014-6194


Published: 2015-02-16   Modified: 2015-02-17

Description:
Directory traversal vulnerability in an unspecified web form in IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX007, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allows remote authenticated users to read arbitrary files via a .. (dot dot) in a pathname.

Type:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

Vendor: IBM
Product: Smartcloud control desk 
Version:
7.5.1.1
7.5.1.0
7.5.0.5
7.5.0.3
7.5.0.2
7.5.0.1
Product: Maximo asset management 
Version:
7.5.0.6
7.5.0.5
7.5.0.4
7.5.0.3
7.5.0.2
7.5.0.10
7.5.0.1
7.5.0.0
7.1.2
7.1.1.9
7.1.1.8
7.1.1.7
7.1.1.6
7.1.1.5
7.1.1.2
7.1.1.13
7.1.1.12
7.1.1.11
7.1.1.10
7.1.1.1
7.1.1
7.1
Product: Maximo asset management essentials 
Version: 7.5.0.0; 7.1;
Product: Maximo for government 
Version: 7.5.0.0; 7.1;
Product: Maximo for life sciences 
Version: 7.5.0.0; 7.1;
Product: Maximo for nuclear power 
Version: 7.5.0.0; 7.1;
Product: Maximo for oil and gas 
Version: 7.5.0.0; 7.1;
Product: Maximo for transportation 
Version: 7.5.0.0; 7.1;
Product: Maximo for utilities 
Version: 7.5.0.0; 7.1;
Product: Change and configuration management database 
Version: 7.2; 7.1;
Product: Tivoli asset management for it 
Version: 7.2; 7.1;
Product: Tivoli service request manager 
Version: 7.2; 7.1;

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

 References:
http://www-01.ibm.com/support/docview.wss?uid=swg21694035
http://xforce.iss.net/xforce/xfdb/98605

Related CVE
CVE-2017-1120
IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...
CVE-2016-9737
IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trus...
CVE-2016-8960
IBM Cognos Business Intelligence 10.2 could allow a user with lower privilege Capabilities to adopt the Capabilities of a higher-privilege user by intercepting the higher-privilege user's cookie value from its HTTP request and then reusing it in subs...
CVE-2016-6102
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM Reference #:...
CVE-2016-6056
IBM Call Center for Commerce 9.3 and 9.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wi...
CVE-2017-1146
IBM Content Navigator 2.0.3 and 3.0.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...
CVE-2017-1151
IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI) could allow a user to gain elevated privileges on the system. IBM Reference #: 1999293.
CVE-2017-1155
IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to another user's reports using a specially crafted HTTP request. IBM Reference #: 1999754.

Copyright 2017, cxsecurity.com