CVE-2013-6741

CWE-200 — Information Exposure3 documents3 sources

Severity

3.5LOW

EPSS

0.2%

top 60.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Change AND Configuration Management Database IBM Maximo Asset Management IBM Maximo Service Desk +4 more

Timeline

PublishedMay 26

Latest updateMay 17

Description

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.x before 7.1.1.7 LAFIX.20140319-0837 allow remote authenticated users to obtain potentially sensitive stack-trace information by triggering a Birt error.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages7 packages

▶NVDibm/maximo_asset_management13 versions+12

▶NVDibm/tivoli_asset_management7.0, 7.1+1

▶NVDibm/tivoli_it_asset_management7.1.1.7

▶NVDibm/maximo_service_desk7.1.1.7

▶NVDibm/tivoli_service_request_manager7.1.1, 7.1.1.7+1

🔴Vulnerability Details

GHSA

GHSA-2gvc-824f-4c6w: IBM Maximo Asset Management 7↗2022-05-17

▶

CVEList

CVE-2013-6741: IBM Maximo Asset Management 7↗2014-05-26

▶