Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336, 7.5.x before 7.5.0.3 IFIX027, and 7.5.0.4 before IFIX011; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140207-1801, and 7.1.1.12 before IFIX.20140218-1510 do not properly restrict file types during uploads, which allows remote authenticated users to have an unspecified impact via an invalid type.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款IBM产品权限许可和访问控制漏洞
Vulnerability Description
IBM Maximo Asset Management等都是美国IBM公司的产品。IBM Maximo Asset Management是一套综合性资产生命周期和维护管理解决方案。SmartCloud Control Desk(SCCD)是一套统一资产和服务管理软件。Tivoli Service Request Manager是一套IT服务管理解决方案。 多款IBM产品中存在安全漏洞。远程攻击者可利用该漏洞上传无效的文件类型到服务器。以下产品受到影响:IBM Maximo Asset Management
CVSS Information
N/A
Vulnerability Type
N/A