IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX008, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products do not properly handle logout actions, which allows remote attackers to bypass intended Cognos BI Direct Integration access restrictions by leveraging an unattended workstation.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21695597 | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/96141 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2015-02-17T01:00:00
Updated: 2017-09-07T15:57:01
Reserved: 2014-09-02T00:00:00
Link: CVE-2014-6102
JSON object: View
NVD Information
Status : Modified
Published: 2015-02-17T01:59:00.053
Modified: 2017-09-08T01:29:08.807
Link: CVE-2014-6102
JSON object: View
Redhat Information
No data.
CWE