Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: Security Vulnerabilities Addressed in Asset and Service Mgmt |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
HTTP Response Splitting, Information Disclosure, SQL Injection, Security Bypass, Inadequate/Poor Input Control, Cross Site Scripting, and Gain Privileges vulnerabilities in Maximo Asset Mgmt, Tivoli Asset Mgmt for IT, Tivoli Service Request Mgr, Change and Configuration Mgmt Database, and SmartCloud Control Desk. See Vulnerability Details for CVE IDs. CVE(s): CVE-2013-0451, CVE-2012-3333, CVE-2013-2998, CVE-2013-4016, CVE-2013-5464, CVE-2013-5465, CVE-2013-5460, CVE-2013-5402, CVE-2013-6741, More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_security_vulnerabilities_addressed_in_asset_and_service_mgmt?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2013-0451 ,CVE-2012-3333 ,CVE-2013-2998 ,CVE-2014-0963 ,CVE-2014-3010 ,CVE-2013-4286 ,CVE-2014-0033 ,CVE-2013-4322 ,CVE-2013-4590 ,CVE-2014-0411 ,CVE-2014-0050 ,CVE-2014-0925 ,CVE-2013-4016 ,CVE-2013-5464 ,CVE-2013-5465 ,CVE-2013-5460 ,CVE-2013-5402 ,CVE-2013-6741 ,CVE-2014-0824 ,CVE-2014-0825 ,CVE-2014-0849 and CVE-2014-0893. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-05-22 |