Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-2998

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2013-2998
Last Modified 27 May 2014 01:20:49
Published 26 May 2014 07:14:51
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2013-2998

Summary

frontcontroller.jsp in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote authenticated users to obtain sensitive information via an invalid action_code.

Vulnerable Systems

Application

  • Ibm Maximo Asset Management 7.1

  • Ibm Maximo Asset Management 7.1.1

  • Ibm Maximo Asset Management 7.1.1.1

  • Ibm Maximo Asset Management 7.1.1.10

  • Ibm Maximo Asset Management 7.1.1.11

  • Ibm Maximo Asset Management 7.1.1.12

  • Ibm Maximo Asset Management 7.1.1.2

  • Ibm Maximo Asset Management 7.1.1.5

  • Ibm Maximo Asset Management 7.1.1.6

  • Ibm Maximo Asset Management 7.1.1.7

  • Ibm Maximo Asset Management 7.1.1.8

  • Ibm Maximo Asset Management 7.1.1.9

  • Ibm Maximo Asset Management 7.1.2

  • Ibm Maximo Asset Management 7.5.0.0

  • Ibm Maximo Asset Management 7.5.0.1

  • Ibm Maximo Asset Management 7.5.0.2

  • Ibm Maximo Asset Management 7.5.0.3

  • Ibm Maximo Asset Management 7.5.0.4

  • Ibm Maximo Asset Management 7.5.0.5

  • Ibm Smartcloud Control Desk 7.0

  • Ibm Smartcloud Control Desk 7.5

  • Ibm Smartcloud Control Desk 7.5.0.0

  • Ibm Smartcloud Control Desk 7.5.0.1

  • Ibm Smartcloud Control Desk 7.5.0.2

  • Ibm Smartcloud Control Desk 7.5.1.0

  • Ibm Smartcloud Control Desk 7.5.1.1


References

XF - ibm-maximo-cve20132998-info-disc(84841)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21670870

AIXAPAR - IV34110


Last Updated: 27 May 2016 11:05:22