{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-10-30T00:00:00", "descriptions": [{"lang": "en", "value": "IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted URL."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-07T15:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688549"}, {"name": "61785", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/61785"}, {"name": "ibm-taddm-cve20146148-info-disc(96918)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96918"}, {"name": "70842", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/70842"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2014-6148", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted URL."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688549", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688549"}, {"name": "61785", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61785"}, {"name": "ibm-taddm-cve20146148-info-disc(96918)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96918"}, {"name": "70842", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70842"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T12:10:12.215Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688549"}, {"name": "61785", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/61785"}, {"name": "ibm-taddm-cve20146148-info-disc(96918)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96918"}, {"name": "70842", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/70842"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2014-6148", "datePublished": "2014-10-31T10:00:00", "dateReserved": "2014-09-02T00:00:00", "dateUpdated": "2024-08-06T12:10:12.215Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C3051563-70C2-432A-9874-6529362142B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C95C26D6-183C-478D-9301-513DAB774616", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B78F659C-C466-4337-8552-154EC7652BA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C02B4388-6AAB-436D-9F21-5CDA8BE20A97", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "C610817E-069B-42BF-84F1-A55EF30FF15A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "DC9BFA83-02BE-4E7A-98A1-4BEC6B74949D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B3BAD402-6022-4D72-839A-A92B984278D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "3C314050-B3BA-4AB6-A7C4-6E48CEEB6E0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "186660BD-4B0F-4A2A-A6A6-1E61FB61BF58", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "152727A5-7CA6-4AF8-A42A-1049BFB9AB94", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "B9801F07-7AA8-4F76-B1B8-90271CB0D8E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F27ECD8-CC5D-4974-AE3B-658D2871FF0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "035E6C30-71E7-4EA9-A3C1-71BB371E4A94", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "FCD5C82A-7E0E-4282-B9B1-0655670BD53E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "B45DA120-0BFB-4F0C-990B-34C0821B5583", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "5695CA2C-7F34-4350-8C25-F5584ABCCCF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "42BFE717-10BC-4710-AFE9-1565F32C2450", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "757D89F2-7C6D-4213-89EF-DE766D161B26", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BB2F6EF3-721A-43AB-AAFD-BE3EEDB0AA61", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3DD8CEAD-68EF-4E15-AC6A-ED04839E1F72", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D79C7CB3-DB2B-4E13-B4D8-25F90B0A057E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted URL."}, {"lang": "es", "value": "IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 hasta 7.2.0.10, 7.2.1.0 hasta 7.2.1.6, y 7.2.2.0 hasta 7.2.2.2 no requiere la autenticaci\u00f3n TADDM para las descargas rptdesign, lo que permite a usuarios remotos autenticados obtener informaci\u00f3n sensible de la base de datos a trav\u00e9s de una URL manipulada."}], "id": "CVE-2014-6148", "lastModified": "2024-11-21T02:13:51.753", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-10-31T10:55:02.330", "references": [{"source": "[email protected]", "url": "http://secunia.com/advisories/61785"}, {"source": "[email protected]", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688549"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/bid/70842"}, {"source": "[email protected]", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96918"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/61785"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688549"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/70842"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96918"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "[email protected]", "type": "Primary"}]}

{}