CVE-2013-3023

CWE-200 — Information Exposure3 documents3 sources

Severity

8.1HIGH

EPSS

0.3%

top 49.29%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Tivoli Application Dependency Discovery Manager

Timeline

PublishedMay 24

Latest updateMay 14

Description

IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages1 packages

▶NVDibm/tivoli_application_dependency_discovery_manager7.2.0 — 7.2.1.4+1

🔴Vulnerability Details

GHSA

GHSA-r2gv-wrw6-vgq4: IBM Tivoli Application Dependency Discovery Manager (TADDM) 7↗2022-05-14

▶

CVEList

CVE-2013-3023: IBM Tivoli Application Dependency Discovery Manager (TADDM) 7↗2018-05-24

▶