CVE-2015-4929Sensitive Information Exposure in IBM License Metric Tool

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
4.0MEDIUMNVD
EPSS
0.1%
top 65.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM License Metric Tool
Timeline
PublishedOct 11
Latest updateMay 17

Description

IBM License Metric Tool 9 before 9.2.1.0 and Endpoint Manager for Software Use Analysis 9 before 9.2.1.0 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information via a REST API request.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/license_metric_tool5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-pwxr-cqp4-xqp9: IBM License Metric Tool 9 before 92022-05-17
CVEList
CVE-2015-4929: IBM License Metric Tool 9 before 92015-10-11