Information disclosure in Ibm Change_and_configuration_management_database

CVE-2013-6741

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manag…

Vulnerability class: Information Disclosure

EPSS: 0.002 (39.3th percentile) — read the EPSS interpretation.

Affected products

Ibm Change_and_configuration_management_database — versions 7.1.1.7
Ibm Maximo_asset_management — versions 7.1, 7.1.1, 7.1.1.1
Ibm Maximo_service_desk — versions 7.1.1.7
Ibm Smartcloud_control_desk — versions 7.0, 7.5, 7.5.0.0
Ibm Tivoli_asset_management_for_it — versions 7.0, 7.1
Ibm Tivoli_it_asset_management_for_it — versions 7.1.1.7
Ibm Tivoli_service_request_manager — versions 7.0, 7.1.0.0, 7.1.1
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
ibm-maximo-cve20136741-info-disc(89857) (vdb-entry, x_refsource_XF)
IV50316 (vendor-advisory, x_refsource_AIXAPAR)