CVE-2013-2974

Published: Jan 29, 2014Modified: Apr 29, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration privileges, and consequently create or delete reports or conduct SQL injection attacks, via crafted parameters to the BIRT reporting URL.

Affected (4)

Products: Ibm: Tivoli Application Dependency Discovery Manager

Ibm

1 product

Tivoli Application Dependency Discovery Manager

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Ibm Tivoli Application Dependency Discovery Manager	Version 7.2.1.1
Ibm Tivoli Application Dependency Discovery Manager	Version 7.2.1.2
Ibm Tivoli Application Dependency Discovery Manager	Version 7.2.1.3
Ibm Tivoli Application Dependency Discovery Manager	Version 7.2.1.4

Related CWEs

CWE-264

References (4)

http://www.ibm.com/support/docview.wss?uid=swg21662955

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/83877

Source: psirt@us.ibm.com

http://www.ibm.com/support/docview.wss?uid=swg21662955

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/83877

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.