IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5 through 7.5.0.6, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 and 7.2 for Tivoli IT Asset Management for IT and certain other products allow remote attackers to obtain sensitive directory information by reading an unspecified error message.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21685289 | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/94757 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2014-10-01 17:55
Updated : 2017-08-28 18:35
NVD link : CVE-2014-4765
Mitre link : CVE-2014-4765
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
ibm
- maximo_for_life_sciences
- change_and_configuration_management_database
- tivoli_asset_management_for_it
- maximo_for_nuclear_power
- maximo_asset_management_essentials
- maximo_asset_management
- maximo_for_government
- smartcloud_control_desk
- maximo_for_utilities
- maximo_for_oil_and_gas
- tivoli_service_request_manager
- maximo_for_transportation