CVE-2015-0104

EUVD-2015-0142
IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX003, and 7.6 before 7.6.0.0 IFIX002 allow remote authenticated users to execute arbitrary code via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
ibmchange_and_configuration_management_database
7.1
ibmchange_and_configuration_management_database
7.2
ibmmaximo_asset_management
7.1
ibmmaximo_asset_management
7.1.1
ibmmaximo_asset_management
7.1.1.1
ibmmaximo_asset_management
7.1.1.2
ibmmaximo_asset_management
7.1.1.5
ibmmaximo_asset_management
7.1.1.6
ibmmaximo_asset_management
7.1.1.7
ibmmaximo_asset_management
7.1.1.8
ibmmaximo_asset_management_essentials
7.1
ibmmaximo_for_government
7.1
ibmmaximo_for_life_sciences
7.1
ibmmaximo_for_nuclear_power
7.1
ibmmaximo_for_oil_and_gas
7.1
ibmmaximo_for_transportation
7.1
ibmmaximo_for_utilities
7.1
ibmtivoli_asset_management_for_it
7.1
ibmtivoli_asset_management_for_it
7.2
ibmtivoli_service_request_manager
7.1
ibmtivoli_service_request_manager
7.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21694974
http://www.securityfocus.com/bid/97999
http://www-01.ibm.com/support/docview.wss?uid=swg21694974
http://www.securityfocus.com/bid/97999