Access Restriction Bypass in IBM License Metric Tool and Endpoint Manager
CVE-2015-4929

Currently unrated

Key Information:

Vendor: IBM
Status: License Metric Tool
Vendor: CVE Published:; 11 October 2015

What is CVE-2015-4929?

The vulnerability allows remote authenticated users to bypass access restrictions in IBM License Metric Tool and Endpoint Manager, leading to the potential exposure of sensitive information via a REST API request. This security flaw affects certain versions prior to 9.2.1.0, which may allow unauthorized users to gain insights into the system's protected data.

References

http://www.securitytracker.com/id/1033758

vdb-entryx_refsource_SECTRACK

http://www-01.ibm.com/support/docview.wss?uid=swg21966169

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 11, 2015
Vulnerability Reserved
Jun 24, 2015