IBM Security Bulletin: Security Bypass Vulnerability Addressed in Asset and Service Management (CVE-2014-3084)
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
IBM Maximo Asset Management allows an authenticated attacker to modify calendar entries that they do not have access to by bypassing security restrictions. CVE(s): CVE-2014-3084 Affected product(s) and affected version(s): AFFECTED PRODUCTS: 1. Maximo Asset Management 7.5, 7.1, 6.2 2. Maximo Asset Management Essentials 7.5, 7.1 3. Maximo for Government 7.5, 7.1, 6.1 4. Maximo for Nuclear Power 7.5, 7.1, 6.2, 6.3 5. Maximo for Transportation 7.5, 7.1, 6.2, 6.3 6. Maximo for Life Sciences
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_security_bypass_vulnerability_addressed_in_asset_and_service_management_cve_2014_3084?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2014-3084 ,CVE-2014-3024 ,CVE-2014-0888 ,CVE-2014-3093 ,CVE-2013-5467 and CVE-2014-0897. |