| Title | 複数の IBM 製品におけるパストラバーサルの脆弱性 |
|---|---|
| Summary | 複数の IBM 製品には、パストラバーサルの脆弱性が存在します。 |
| Possible impacts | 情報を取得される可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | May 27, 2015, midnight |
| Registration Date | May 22, 2017, 6:28 p.m. |
| Last Update | May 22, 2017, 6:28 p.m. |
| CVSS3.0 : 警告 | |
| Score | 6.5 |
|---|---|
| Vector | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| CVSS2.0 : 警告 | |
| Score | 4 |
|---|---|
| Vector | AV:N/AC:L/Au:S/C:P/I:N/A:N |
| IBM |
| IBM Maximo Asset Management |
| IBM Maximo for Government |
| IBM Maximo for Life Sciences |
| IBM Maximo for Nuclear Power |
| IBM Maximo for Oil and Gas |
| IBM Maximo for Transportation |
| IBM Maximo for Utilities |
| Tivoli Asset Management for IT |
| Tivoli Change and Configuration Management Database 7.1.1.8 までの 7.1 |
| Tivoli Change and Configuration Management Database 7.2 |
| Tivoli Service Request Manager |
| No | Changed Details | Date of change |
|---|---|---|
| 0 | [2017年05月22日] 掲載 |
Feb. 17, 2018, 10:37 a.m. |
| Summary | IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX003, and 7.6 before 7.6.0.0 IFIX002 allow remote authenticated users to conduct directory traversal attacks via unspecified vectors. |
|---|---|
| Publication Date | April 24, 2017, 3:59 p.m. |
| Registration Date | Jan. 26, 2021, 2:43 p.m. |
| Last Update | Nov. 21, 2024, 11:22 a.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:ibm:maximo_asset_management:7.1.1.5:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_for_utilities:7.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_asset_management:7.1.1.7:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_for_nuclear_power:7.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:tivoli_service_request_manager:7.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_asset_management:7.1.1.8:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_asset_management:7.1.1.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:change_and_configuration_management_database:7.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_for_government:7.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:change_and_configuration_management_database:7.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_asset_management:7.1.1.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_for_life_sciences:7.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:tivoli_service_request_manager:7.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_asset_management:7.1.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_for_transportation:7.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_asset_management_essentials:7.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:ibm:maximo_asset_management:7.1.1.1:*:*:*:*:*:*:* | |||||