{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-12-08T00:00:00", "descriptions": [{"lang": "en", "value": "IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-07T15:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690932"}, {"name": "ibm-itm-cve20146141-sec-bypass(96911)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96911"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2014-6141", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21690932", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690932"}, {"name": "ibm-itm-cve20146141-sec-bypass(96911)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96911"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T12:10:12.181Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690932"}, {"name": "ibm-itm-cve20146141-sec-bypass(96911)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96911"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2014-6141", "datePublished": "2015-02-02T01:00:00", "dateReserved": "2014-09-02T00:00:00", "dateUpdated": "2024-08-06T12:10:12.181Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C6368EC-1103-419B-8A11-14443501B435", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "1E58E2E4-ADA3-4189-BE8C-1943CDEA7791", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "3F1EEA0F-0501-4316-BD33-ECF44BDD9008", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EBDE2E0B-6F98-4289-A3AF-EF4105782C7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A9F4C32-6077-475E-A285-F98A0336C53F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "0355309B-CCBF-49EA-BE50-7B8E9B637473", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3C781C7-70D8-44EA-8847-54815053A092", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "1F409ECF-2033-49E0-9599-DD827CD4DB2A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands."}, {"lang": "es", "value": "IBM Tivoli Monitoring (ITM) 6.2.0 hasta FP03, 6.2.1 hasta FP04, 6.2.2 hasta FP09, 6.2.3 hasta FP05, y 6.3.0 anterior a FP04 permite a usuarios remotos autenticados evadir las restricciones de acceso y ejecutar comandos arbitrarios mediante el aprovechamiento de la autoridad de visualizaci\u00f3n 'Take Action' para modificar los comandos en proceso."}], "id": "CVE-2014-6141", "lastModified": "2017-09-08T01:29:09.917", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-02-02T01:59:01.373", "references": [{"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690932"}, {"source": "psirt@us.ibm.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96911"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}