What is the severity of CVE-2011-4817?

The severity of CVE-2011-4817 is considered low.

How do I fix CVE-2011-4817?

To fix CVE-2011-4817, apply the latest patches provided by IBM for the affected versions.

Which IBM products are affected by CVE-2011-4817?

CVE-2011-4817 affects IBM Maximo Asset Management, IBM Tivoli Asset Management for IT, and IBM Tivoli Service Request Manager.

What are the affected versions for CVE-2011-4817?

Affected versions of CVE-2011-4817 include IBM Maximo Asset Management versions 6.2, 7.1, 7.5 and similar versions for Essentials, Tivoli Asset Management for IT, and Tivoli Service Request Manager.

What vulnerabilities does CVE-2011-4817 exploit?

CVE-2011-4817 exploits a weakness in the About option on the Help menu of the affected IBM products.

Vulnerability/
CVE-2011-4817

medium

CWE

200

13/3/2012

7/8/2024

CVE-2011-4817: Infoleak

First published: Tue Mar 13 2012(Updated: 7 months ago)

The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 shows the username, which might allow remote authenticated users to have an unspecified impact via a targeted attack against the corresponding user account.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Maximo Asset Management	=7.5
IBM Maximo Asset Management	=7.1
IBM Maximo Asset Management	=6.2
IBM Maximo Asset Management Essentials	=6.2
IBM Maximo Asset Management Essentials	=7.5
IBM Maximo Asset Management Essentials	=7.1
IBM Tivoli IT Asset Management for IT	=7.2
IBM Tivoli IT Asset Management for IT	=7.1
IBM Tivoli IT Asset Management for IT	=6.2
IBM Tivoli Service Request Manager	=7.1
IBM Tivoli Service Request Manager	=7.2
IBM Maximo Service Desk	=6.2
IBM Tivoli Change and Configuration Management Database	=7.1
IBM Tivoli Change and Configuration Management Database	=7.2
IBM Tivoli Change and Configuration Management Database	=6.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-4817?
The severity of CVE-2011-4817 is considered low.
How do I fix CVE-2011-4817?
To fix CVE-2011-4817, apply the latest patches provided by IBM for the affected versions.
Which IBM products are affected by CVE-2011-4817?
CVE-2011-4817 affects IBM Maximo Asset Management, IBM Tivoli Asset Management for IT, and IBM Tivoli Service Request Manager.
What are the affected versions for CVE-2011-4817?
Affected versions of CVE-2011-4817 include IBM Maximo Asset Management versions 6.2, 7.1, 7.5 and similar versions for Essentials, Tivoli Asset Management for IT, and Tivoli Service Request Manager.
What vulnerabilities does CVE-2011-4817 exploit?
CVE-2011-4817 exploits a weakness in the About option on the Help menu of the affected IBM products.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/author
agent/severity
agent/event
agent/first-publish-date
agent/description
agent/source
agent/softwarecombine
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/ibm
canonical/ibm maximo asset management
version/ibm maximo asset management/7.5
version/ibm maximo asset management/7.1
version/ibm maximo asset management/6.2
canonical/ibm maximo asset management essentials
version/ibm maximo asset management essentials/6.2
version/ibm maximo asset management essentials/7.5
version/ibm maximo asset management essentials/7.1
canonical/ibm tivoli it asset management for it
version/ibm tivoli it asset management for it/7.2
version/ibm tivoli it asset management for it/7.1
version/ibm tivoli it asset management for it/6.2
canonical/ibm tivoli service request manager
version/ibm tivoli service request manager/7.1
version/ibm tivoli service request manager/7.2
canonical/ibm maximo service desk
version/ibm maximo service desk/6.2
canonical/ibm tivoli change and configuration management database
version/ibm tivoli change and configuration management database/7.1
version/ibm tivoli change and configuration management database/7.2
version/ibm tivoli change and configuration management database/6.2