Vulnerability CVE-2014-6194


Published: 2015-02-16   Modified: 2015-02-17

Description:
Directory traversal vulnerability in an unspecified web form in IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX007, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allows remote authenticated users to read arbitrary files via a .. (dot dot) in a pathname.

Type:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

Vendor: IBM
Product: Smartcloud control desk 
Version:
7.5.1.1
7.5.1.0
7.5.0.5
7.5.0.3
7.5.0.2
7.5.0.1
Product: Maximo asset management 
Version:
7.5.0.6
7.5.0.5
7.5.0.4
7.5.0.3
7.5.0.2
7.5.0.10
7.5.0.1
7.5.0.0
7.1.2
7.1.1.9
7.1.1.8
7.1.1.7
7.1.1.6
7.1.1.5
7.1.1.2
7.1.1.13
7.1.1.12
7.1.1.11
7.1.1.10
7.1.1.1
7.1.1
7.1
Product: Maximo asset management essentials 
Version: 7.5.0.0; 7.1;
Product: Maximo for government 
Version: 7.5.0.0; 7.1;
Product: Maximo for life sciences 
Version: 7.5.0.0; 7.1;
Product: Maximo for nuclear power 
Version: 7.5.0.0; 7.1;
Product: Maximo for oil and gas 
Version: 7.5.0.0; 7.1;
Product: Maximo for transportation 
Version: 7.5.0.0; 7.1;
Product: Maximo for utilities 
Version: 7.5.0.0; 7.1;
Product: Change and configuration management database 
Version: 7.2; 7.1;
Product: Tivoli asset management for it 
Version: 7.2; 7.1;
Product: Tivoli service request manager 
Version: 7.2; 7.1;

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

 References:
http://www-01.ibm.com/support/docview.wss?uid=swg21694035
http://xforce.iss.net/xforce/xfdb/98605

Related CVE
CVE-2016-9750
IBM QRadar 7.2 and 7.3 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 120207.
CVE-2016-9735
IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,
CVE-2016-5979
IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the new instance not accessible for the intended user....
CVE-2017-1137
IBM WebSphere Application Server 8.0 and 8.5.5 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to the admin console. IBM X-Force ID: 121549.
CVE-2017-1103
IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all ava...
CVE-2016-6035
IBM Rational Quality Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...
CVE-2016-6037
IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A remote attacker with project administrator privileges could send a project that contains malicious HTML code, which when the project is viewed, would be executed in the victim's Web b...
CVE-2016-3032
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

Copyright 2017, cxsecurity.com