CVE-2013-5465

Published: May 26, 2014Modified: May 6, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336, 7.5.x before 7.5.0.3 IFIX027, and 7.5.0.4 before IFIX011; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140207-1801, and 7.1.1.12 before IFIX.20140218-1510 do not properly restrict file types during uploads, which allows remote authenticated users to have an unspecified impact via an invalid type.

Affected (36)

Products: Ibm: Maximo Asset Management, Change And Configuration Management Database, Maximo Service Desk, Tivoli Asset Management For It, Tivoli It Asset Management For It, Tivoli Service Request Manager, Smartcloud Control Desk

Ibm

7 products

Maximo Asset Management

Change And Configuration Management Database

Maximo Service Desk

Tivoli Asset Management For It

Tivoli It Asset Management For It

Tivoli Service Request Manager

Smartcloud Control Desk

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Ibm Maximo Asset Management	Version 7.5.0.0
Ibm Maximo Asset Management	Version 7.5.0.1
Ibm Maximo Asset Management	Version 7.5.0.2
Ibm Maximo Asset Management	Version 7.5.0.3
Ibm Maximo Asset Management	Version 7.5.0.4

Configuration B

15 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Ibm Change And Configuration Management Database	Version 7.1.1.11
Ibm Change And Configuration Management Database	Version 7.1.1.12
Ibm Change And Configuration Management Database	Version 7.1.1.7
Ibm Maximo Service Desk	Version 7.1.1.11
Ibm Maximo Service Desk	Version 7.1.1.12
Ibm Maximo Service Desk	Version 7.1.1.7
Ibm Tivoli Asset Management For It	Version 7.0
Ibm Tivoli Asset Management For It	Version 7.1
Ibm Tivoli It Asset Management For It	Version 7.1.1.11
Ibm Tivoli It Asset Management For It	Version 7.1.1.12
Ibm Tivoli It Asset Management For It	Version 7.1.1.7
Ibm Tivoli Service Request Manager	Version 7.1.1.11
Ibm Tivoli Service Request Manager	Version 7.1.1.12
Ibm Tivoli Service Request Manager	Version 7.1.1.7
Ibm Tivoli Service Request Manager	Version 7.1.1

Running on/with	Platform Versions
Ibm Tivoli Service Request Manager	Version 7.0
Ibm Tivoli Service Request Manager	Version 7.1.0.0

Configuration C

7 vulnerable

Vulnerable Software	Affected Versions
Ibm Smartcloud Control Desk	Version 7.0
Ibm Smartcloud Control Desk	Version 7.5.0.0
Ibm Smartcloud Control Desk	Version 7.5.0.1
Ibm Smartcloud Control Desk	Version 7.5.0.2
Ibm Smartcloud Control Desk	Version 7.5.1.0
Ibm Smartcloud Control Desk	Version 7.5.1.1
Ibm Smartcloud Control Desk	Version 7.5

Configuration D

9 vulnerable

Vulnerable Software	Affected Versions
Ibm Maximo Asset Management	Version 7.1.1.11
Ibm Maximo Asset Management	Version 7.1.1.12
Ibm Maximo Asset Management	Version 7.1.1.1
Ibm Maximo Asset Management	Version 7.1.1.2
Ibm Maximo Asset Management	Version 7.1.1.5
Ibm Maximo Asset Management	Version 7.1.1.6
Ibm Maximo Asset Management	Version 7.1.1.7
Ibm Maximo Asset Management	Version 7.1.1
Ibm Maximo Asset Management	Version 7.1