CVE-2013-4040

CWE-2753 documents3 sources

Severity

5.5MEDIUM

EPSS

0.0%

top 89.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Tivoli Application Dependency Discovery Manager

Timeline

PublishedMay 1

Latest updateMay 14

Description

IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

▶NVDibm/tivoli_application_dependency_discovery_manager7.2.0.0 — 7.2.1.4+1

Patches

Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-rqm9-jqx8-c9pj: IBM Tivoli Application Dependency Discovery Manager (TADDM) 7↗2022-05-14

▶

CVEList

CVE-2013-4040: IBM Tivoli Application Dependency Discovery Manager (TADDM) 7↗2018-05-01

▶