Data Exposure Vulnerability in IBM Tivoli Application Dependency Discovery Manager
CVE-2014-6148

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Application Dependency Discovery Manager
Vendor: CVE Published:; 31 October 2014

Summary

IBM Tivoli Application Dependency Discovery Manager (TADDM) versions 7.2.0.0 to 7.2.0.10, 7.2.1.0 to 7.2.1.6, and 7.2.2.0 to 7.2.2.2 are vulnerable due to a lack of authentication requirements for rptdesign downloads. This vulnerability enables remote authenticated users to exploit crafted URLs to access sensitive database information, leading to potential data exposure and unauthorized access. Proper authentication mechanisms should be enforced to mitigate the risks associated with this issue.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21688549

x_refsource_CONFIRM

http://secunia.com/advisories/61785

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/96918

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Oct 31, 2014
Vulnerability Reserved
Sep 2, 2014