{"api_version":"1","generated_at":"2026-04-23T09:51:03+00:00","cve":"CVE-2013-4040","urls":{"html":"https://cve.report/CVE-2013-4040","api":"https://cve.report/api/cve/CVE-2013-4040.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2013-4040","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2013-4040"},"summary":{"title":"CVE-2013-4040","description":"IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176.","state":"PUBLIC","assigner":"psirt@us.ibm.com","published_at":"2018-05-01 18:29:00","updated_at":"2018-06-13 11:13:00"},"problem_types":["CWE-275"],"metrics":[],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/86176","name":"ibm-tivoli-cve20134040-info-disc(86176)","refsource":"XF","tags":["VDB Entry","Vendor Advisory"],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www-01.ibm.com/support/docview.wss?uid=swg21672253","name":"https://www-01.ibm.com/support/docview.wss?uid=swg21672253","refsource":"CONFIRM","tags":["Mitigation","Patch","Vendor Advisory"],"title":"Security Bulletin: TADDM – Security improvement: More restricted permission on TADDM files on UNIX-like servers.","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2013-4040","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4040","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2013","cve_id":"4040","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"tivoli_application_dependency_discovery_manager","cpe6":"7.1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"4040","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"tivoli_application_dependency_discovery_manager","cpe6":"7.1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"4040","vulnerable":"1","versionEndIncluding":"7.2.1.4","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"tivoli_application_dependency_discovery_manager","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"psirt@us.ibm.com","ID":"CVE-2013-4040","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://www-01.ibm.com/support/docview.wss?uid=swg21672253","refsource":"CONFIRM","url":"https://www-01.ibm.com/support/docview.wss?uid=swg21672253"},{"name":"ibm-tivoli-cve20134040-info-disc(86176)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/86176"}]}},"nvd":{"publishedDate":"2018-05-01 18:29:00","lastModifiedDate":"2018-06-13 11:13:00","problem_types":["CWE-275"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0.0","versionEndIncluding":"7.2.1.4","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2013","CveId":"4040","Ordinal":"63699","Title":"CVE-2013-4040","CVE":"CVE-2013-4040","Year":"2013"},"notes":[{"CveYear":"2013","CveId":"4040","Ordinal":"1","NoteData":"IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176.","Type":"Description","Title":null},{"CveYear":"2013","CveId":"4040","Ordinal":"2","NoteData":"2018-05-01","Type":"Other","Title":"Published"},{"CveYear":"2013","CveId":"4040","Ordinal":"3","NoteData":"2018-05-01","Type":"Other","Title":"Modified"}]}}}