Denial of Service Vulnerability in IBM License Metric Tool and Tivoli Asset Discovery
CVE-2014-8926

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Asset Discovery For Distributed; License Metric Tool; Endpoint Manager Family
Vendor: CVE Published:; 25 May 2015

Summary

A denial of service vulnerability exists in IBM License Metric Tool and Tivoli Asset Discovery that can be exploited by remote attackers through a specially crafted XML query. This flaw can lead to high CPU consumption or even cause the application to crash, disrupting service availability. Users of affected versions should evaluate their systems for potential exposure and implement necessary security measures.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21882695

x_refsource_CONFIRM

Timeline

Vulnerability published
May 25, 2015
Vulnerability Reserved
Nov 14, 2014