CVE-2013-4040
First published: Tue May 01 2018(Updated: )
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Tivoli Application Dependency Discovery Manager | >=7.2.0.0<=7.2.1.4 | |
| IBM Tivoli Application Dependency Discovery Manager | =7.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2013-4040.
What is the severity of CVE-2013-4040?
The severity of CVE-2013-4040 is medium (5.5).
Which software is affected by CVE-2013-4040?
IBM Tivoli Application Dependency Discovery Manager (TADDM) versions 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix are affected.
What is the vulnerability description of CVE-2013-4040?
CVE-2013-4040 is a vulnerability in IBM Tivoli Application Dependency Discovery Manager that allows local users to obtain sensitive information by reading configuration and log files with weak permissions.
How can I fix CVE-2013-4040?
Update IBM Tivoli Application Dependency Discovery Manager to version 7.2.1.5 or later to fix the vulnerability.
- collector/nvd-index
- vendor/ibm
- product/tivoli application dependency discovery manager
- canonical/ibm tivoli application dependency discovery manager