What is the severity of CVE-2012-2183?

CVE-2012-2183 is classified as a medium severity vulnerability.

How do I fix CVE-2012-2183?

To fix CVE-2012-2183, apply the latest patches provided by IBM for the affected software versions.

Which versions are affected by CVE-2012-2183?

CVE-2012-2183 affects IBM Maximo Asset Management versions 6.2 through 7.5, and related IBM products.

What types of attacks are possible due to CVE-2012-2183?

CVE-2012-2183 allows remote attackers to hijack web sessions via session fixation techniques.

Is there a workaround for CVE-2012-2183?

While upgrading is the recommended solution, minimizing session exposure and implementing secure session management techniques can act as a temporary workaround.

Vulnerability/
CVE-2012-2183

medium

6.8

10/9/2012

6/8/2024

CVE-2012-2183

First published: Mon Sep 10 2012(Updated: )

Session fixation vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack web sessions via unspecified vectors.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Tivoli Change and Configuration Management Database	=6.0
IBM Tivoli Change and Configuration Management Database	=7.0
IBM Maximo Asset Management	=6.2.0.0
IBM Maximo Asset Management	=7.1.0.0
IBM Maximo Asset Management	=7.5.0.0
IBM Maximo Service Desk	=6.2
IBM Control Desk	=7.0
IBM Tivoli IT Asset Management for IT	=6.0
IBM Tivoli IT Asset Management for IT	=6.2
IBM Tivoli IT Asset Management for IT	=7.0
IBM Tivoli IT Asset Management for IT	=7.1
IBM Tivoli IT Asset Management for IT	=7.2
Ibm Tivoli Service Request Manager	=7.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-2183?
CVE-2012-2183 is classified as a medium severity vulnerability.
How do I fix CVE-2012-2183?
To fix CVE-2012-2183, apply the latest patches provided by IBM for the affected software versions.
Which versions are affected by CVE-2012-2183?
CVE-2012-2183 affects IBM Maximo Asset Management versions 6.2 through 7.5, and related IBM products.
What types of attacks are possible due to CVE-2012-2183?
CVE-2012-2183 allows remote attackers to hijack web sessions via session fixation techniques.
Is there a workaround for CVE-2012-2183?
While upgrading is the recommended solution, minimizing session exposure and implementing secure session management techniques can act as a temporary workaround.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/references
agent/severity
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm tivoli change and configuration management database
version/ibm tivoli change and configuration management database/6.0
version/ibm tivoli change and configuration management database/7.0
canonical/ibm maximo asset management
version/ibm maximo asset management/6.2.0.0
version/ibm maximo asset management/7.1.0.0
version/ibm maximo asset management/7.5.0.0
canonical/ibm maximo service desk
version/ibm maximo service desk/6.2
canonical/ibm control desk
version/ibm control desk/7.0
canonical/ibm tivoli it asset management for it
version/ibm tivoli it asset management for it/6.0
version/ibm tivoli it asset management for it/6.2
version/ibm tivoli it asset management for it/7.0
version/ibm tivoli it asset management for it/7.1
version/ibm tivoli it asset management for it/7.2
canonical/ibm tivoli service request manager
version/ibm tivoli service request manager/7.0