CVE-2015-4929

Published: Oct 11, 2015Modified: May 6, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

IBM License Metric Tool 9 before 9.2.1.0 and Endpoint Manager for Software Use Analysis 9 before 9.2.1.0 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information via a REST API request.

Affected (5)

Products: Ibm: License Metric Tool

Ibm

1 product

License Metric Tool

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Ibm License Metric Tool	Version 9.0.1
Ibm License Metric Tool	Version 9.0
Ibm License Metric Tool	Version 9.1.0.1
Ibm License Metric Tool	Version 9.1.0.2
Ibm License Metric Tool	Version 9.2.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www-01.ibm.com/support/docview.wss?uid=swg21966169

Source: psirt@us.ibm.com

Vendor Advisory

http://www.securitytracker.com/id/1033758

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21966169

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1033758

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.