CVE-2014-8926

Published: May 25, 2015Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service (CPU consumption or application crash) via a crafted XML query, a different vulnerability than CVE-2014-8927.

Affected (6)

Products: Ibm: Endpoint Manager Family, License Metric Tool, Tivoli Asset Discovery For Distributed

Ibm

3 products

Endpoint Manager Family

License Metric Tool

Tivoli Asset Discovery For Distributed

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Ibm Endpoint Manager Family	Version 9.0
Ibm License Metric Tool	Version 7.2.2
Ibm License Metric Tool	Version 7.5
Ibm License Metric Tool	Version 9.0.1
Ibm Tivoli Asset Discovery For Distributed	Version 7.2.2.0
Ibm Tivoli Asset Discovery For Distributed	Version 7.5

Related CWEs

CWE-399

References (2)

http://www-01.ibm.com/support/docview.wss?uid=swg21882695

Source: psirt@us.ibm.com

PatchVendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21882695

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.