CVE-2013-6741

IBM Maximo Asset Management 7.x < 7.1.1.7 and 7.5.x < 7.5.0.5 - Sensitive Information Exposure

Title source: llm
STIX 2.1

Description

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.x before 7.1.1.7 LAFIX.20140319-0837 allow remote authenticated users to obtain potentially sensitive stack-trace information by triggering a Birt error.

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21670870
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/89857
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IV50316

Scores

EPSS 0.0095
EPSS Percentile 57.0%

Details

CWE
CWE-200
Status published
Products (27)
ibm/change_and_configuration_management_database 7.1.1.7
ibm/maximo_asset_management 7.1
ibm/maximo_asset_management 7.1.1
ibm/maximo_asset_management 7.1.1.1
ibm/maximo_asset_management 7.1.1.2
ibm/maximo_asset_management 7.1.1.5
ibm/maximo_asset_management 7.1.1.6
ibm/maximo_asset_management 7.1.1.7
ibm/maximo_asset_management 7.5.0.0
ibm/maximo_asset_management 7.5.0.1
... and 17 more
Published May 26, 2014
Tracked Since Feb 18, 2026