CVE-2015-0107 — Vulnetix

Try Vulnetix Request Demo

CVE-2015-0107 PUBLISHED CVSS 6.5 MEDIUM

IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX003, and 7.6 before 7.6.0.0 IFIX002 allow remote authenticated users to conduct directory traversal attacks via unspecified vectors.

EPSS 7.17% · 91.5th percentile

Risk Scores

CVSS v3.0

6.5

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS Score

7.17%

91.5th percentile

Affected Products

Vendor	Product	Versions
ibm	maximo_asset_management	7.1.1.7, 7.1.1.6, 7.1.1.8
ibm	maximo_asset_management_essentials	7.1
ibm	maximo_for_oil_and_gas	7.1
n/a	n/a	n/a
ibm	tivoli_asset_management_for_it	7.2, 7.1
ibm	maximo_for_transportation	7.1
ibm	maximo_for_utilities	7.1
ibm	maximo_for_government	7.1
ibm	tivoli_service_request_manager	7.2, 7.1
ibm	maximo_for_life_sciences	7.1
ibm	change_and_configuration_management_database	7.2, 7.1
ibm	maximo_for_nuclear_power	7.1

Timeline

Feb 2, 2015 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

97998 vdb
http://www-01.ibm.com/support/docview.wss?uid=swg21694974 url
https://nvd.nist.gov/vuln/detail/CVE-2015-0107 advisory
http://www.ibm.com/support/docview.wss?uid=swg21695670 advisory
http://www.ibm.com/support/docview.wss?uid=swg21695324 advisory

Open in Interactive Console →