CVE-2013-4040
Summary
| CVE | CVE-2013-4040 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-05-01 18:29:00 UTC |
| Updated | 2018-06-13 11:13:00 UTC |
| Description | IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176. |
Risk And Classification
Problem Types: CWE-275
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Tivoli Application Dependency Discovery Manager | 7.1.2 | All | All | All |
| Application | Ibm | Tivoli Application Dependency Discovery Manager | 7.1.2 | All | All | All |
| Application | Ibm | Tivoli Application Dependency Discovery Manager | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | VDB Entry, Vendor Advisory |
| Security Bulletin: TADDM – Security improvement: More restricted permission on TADDM files on UNIX-like servers. | CONFIRM | www-01.ibm.com | Mitigation, Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.