Denial of Service Vulnerability in IBM License Metric Tool and Tivoli Solutions
CVE-2014-8927

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Asset Discovery For Distributed; License Metric Tool; Endpoint Manager Family
Vendor: CVE Published:; 25 May 2015

Summary

The Common Inventory Technology (CIT) in IBM License Metric Tool versions prior to 2.7.0.2050 and various Tivoli solutions is susceptible to a denial of service attack. An attacker can exploit this vulnerability by sending a specially crafted XML query, leading to excessive CPU consumption or application crashes. This issue underscores the importance of prompt updates and secure coding practices to mitigate potential threats.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21882695

x_refsource_CONFIRM

Timeline

Vulnerability published
May 25, 2015
Vulnerability Reserved
Nov 14, 2014