CVE-2014-4765

EUVD-2014-4684
IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5 through 7.5.0.6, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 and 7.2 for Tivoli IT Asset Management for IT and certain other products allow remote attackers to obtain sensitive directory information by reading an unspecified error message.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
Affected Products (NVD)
VendorProductVersion
ibmchange_and_configuration_management_database
7.1
ibmchange_and_configuration_management_database
7.2
ibmmaximo_asset_management
7.1
ibmmaximo_asset_management
7.1.1
ibmmaximo_asset_management
7.1.1.1
ibmmaximo_asset_management
7.1.1.2
ibmmaximo_asset_management
7.1.1.5
ibmmaximo_asset_management
7.1.1.6
ibmmaximo_asset_management
7.1.1.7
ibmmaximo_asset_management
7.1.1.8
ibmmaximo_asset_management
7.1.1.9
ibmmaximo_asset_management
7.1.1.10
ibmmaximo_asset_management
7.1.1.11
ibmmaximo_asset_management
7.1.1.12
ibmmaximo_asset_management
7.1.1.13
ibmmaximo_asset_management
7.1.2
ibmmaximo_asset_management
7.5.0.0
ibmmaximo_asset_management
7.5.0.1
ibmmaximo_asset_management
7.5.0.2
ibmmaximo_asset_management
7.5.0.3
ibmmaximo_asset_management
7.5.0.4
ibmmaximo_asset_management
7.5.0.5
ibmmaximo_asset_management
7.5.0.6
ibmmaximo_asset_management
7.5.0.10
ibmmaximo_asset_management_essentials
7.1
ibmmaximo_asset_management_essentials
7.5.0.0
ibmmaximo_for_government
7.1
ibmmaximo_for_government
7.5.0.0
ibmmaximo_for_life_sciences
7.1
ibmmaximo_for_life_sciences
7.5.0.0
ibmmaximo_for_nuclear_power
7.1
ibmmaximo_for_nuclear_power
7.5.0.0
ibmmaximo_for_oil_and_gas
7.1
ibmmaximo_for_oil_and_gas
7.5.0.0
ibmmaximo_for_transportation
7.1
ibmmaximo_for_transportation
7.5.0.0
ibmmaximo_for_utilities
7.1
ibmmaximo_for_utilities
7.5.0.0
ibmsmartcloud_control_desk
7.5.0.1
ibmsmartcloud_control_desk
7.5.0.2
ibmsmartcloud_control_desk
7.5.0.3
ibmsmartcloud_control_desk
7.5.0.5
ibmsmartcloud_control_desk
7.5.1.0
ibmsmartcloud_control_desk
7.5.1.1
ibmtivoli_asset_management_for_it
7.1
ibmtivoli_asset_management_for_it
7.2
ibmtivoli_service_request_manager
7.1
ibmtivoli_service_request_manager
7.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21685289
https://exchange.xforce.ibmcloud.com/vulnerabilities/94757
http://www-01.ibm.com/support/docview.wss?uid=swg21685289
https://exchange.xforce.ibmcloud.com/vulnerabilities/94757