Access Bypass Vulnerability in IBM Tivoli Monitoring Products
CVE-2014-6141

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Monitoring
Vendor: CVE Published:; 2 February 2015

Summary

A vulnerability in IBM Tivoli Monitoring allows remote authenticated users to bypass access restrictions and potentially execute arbitrary commands. This issue arises from insufficient control measures associated with the Take Action view authority, which enables manipulation of ongoing commands. Users operating within the affected versions, if granted improper access, could exploit this weakness to perform unauthorized actions, highlighting the importance of applying patches and actively monitoring system configurations.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21690932

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/96911

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 2, 2015
Vulnerability Reserved
Sep 2, 2014