6.8

CVE-2012-2183

EPSS 0.74%
Veröffentlicht 10.09.2012 17:55:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle psirt@us.ibm.com
Teams Watchlist Login
Unerledigt Login

Session fixation vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack web sessions via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Change And Configuration Management Database Version6.0

Ibm ≫ Change And Configuration Management Database Version7.0

Ibm ≫ Maximo Asset Management Version6.2.0.0

Ibm ≫ Maximo Asset Management Version7.1.0.0

Ibm ≫ Maximo Asset Management Version7.5.0.0

Ibm ≫ Maximo Service Desk Version6.2

Ibm ≫ Smartcloud Control Desk Version7.0

Ibm ≫ Tivoli Asset Management For It Version6.0

Ibm ≫ Tivoli Asset Management For It Version6.2

Ibm ≫ Tivoli Asset Management For It Version7.0

Ibm ≫ Tivoli Asset Management For It Version7.1

Ibm ≫ Tivoli Asset Management For It Version7.2

Ibm ≫ Tivoli Service Request Manager Version7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.74%	0.706

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/50551

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21610081

http://osvdb.org/85185

http://www-01.ibm.com/support/docview.wss?uid=swg1IV09212

https://exchange.xforce.ibmcloud.com/vulnerabilities/75776

https://nvd.nist.gov/vuln/detail/CVE-2012-2183

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-2183

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-2183

EUVD