What is the severity of CVE-2015-0104?

CVE-2015-0104 has a high severity rating due to its potential for remote exploitation.

How do I fix CVE-2015-0104?

To fix CVE-2015-0104, update the affected IBM software to the latest patched version or apply the necessary security fixes provided by IBM.

Which IBM products are affected by CVE-2015-0104?

CVE-2015-0104 affects IBM Tivoli IT Asset Management, Tivoli Service Request Manager, Change and Configuration Management Database, and Maximo Asset Management across several specified versions.

What are the consequences of exploiting CVE-2015-0104?

Exploitation of CVE-2015-0104 could lead to unauthorized access and manipulation of sensitive data within the affected IBM applications.

When was CVE-2015-0104 disclosed?

CVE-2015-0104 was disclosed in January 2015.

Vulnerability/
CVE-2015-0104

high

8.8

CWE

284

24/4/2017

6/8/2024

CVE-2015-0104

First published: Mon Apr 24 2017(Updated: )

IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX003, and 7.6 before 7.6.0.0 IFIX002 allow remote authenticated users to execute arbitrary code via unspecified vectors.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
Ibm Change And Configuration Management Database	=7.1
Ibm Change And Configuration Management Database	=7.2
IBM Maximo Asset Management	=7.1
IBM Maximo Asset Management	=7.1.1
IBM Maximo Asset Management	=7.1.1.1
IBM Maximo Asset Management	=7.1.1.2
IBM Maximo Asset Management	=7.1.1.5
IBM Maximo Asset Management	=7.1.1.6
IBM Maximo Asset Management	=7.1.1.7
IBM Maximo Asset Management	=7.1.1.8
Ibm Maximo Asset Management Essentials	=7.1
Ibm Maximo For Government	=7.1
Ibm Maximo For Life Sciences	=7.1
Ibm Maximo For Nuclear Power	=7.1
Ibm Maximo For Oil And Gas	=7.1
Ibm Maximo For Transportation	=7.1
Ibm Maximo For Utilities	=7.1
IBM Tivoli Asset Management for IT	=7.1
IBM Tivoli Asset Management for IT	=7.2
Ibm Tivoli Service Request Manager	=7.1
Ibm Tivoli Service Request Manager	=7.2

Remedy

http://www-01.ibm.com/support/docview.wss?uid=swg21694974

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-0104?
CVE-2015-0104 has a high severity rating due to its potential for remote exploitation.
How do I fix CVE-2015-0104?
To fix CVE-2015-0104, update the affected IBM software to the latest patched version or apply the necessary security fixes provided by IBM.
Which IBM products are affected by CVE-2015-0104?
CVE-2015-0104 affects IBM Tivoli IT Asset Management, Tivoli Service Request Manager, Change and Configuration Management Database, and Maximo Asset Management across several specified versions.
What are the consequences of exploiting CVE-2015-0104?
Exploitation of CVE-2015-0104 could lead to unauthorized access and manipulation of sensitive data within the affected IBM applications.
When was CVE-2015-0104 disclosed?
CVE-2015-0104 was disclosed in January 2015.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/severity
agent/weakness
agent/author
agent/tags
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
vendor/ibm
canonical/ibm change and configuration management database
version/ibm change and configuration management database/7.1
version/ibm change and configuration management database/7.2
canonical/ibm maximo asset management
version/ibm maximo asset management/7.1
version/ibm maximo asset management/7.1.1
version/ibm maximo asset management/7.1.1.1
version/ibm maximo asset management/7.1.1.2
version/ibm maximo asset management/7.1.1.5
version/ibm maximo asset management/7.1.1.6
version/ibm maximo asset management/7.1.1.7
version/ibm maximo asset management/7.1.1.8
canonical/ibm maximo asset management essentials
version/ibm maximo asset management essentials/7.1
canonical/ibm maximo for government
version/ibm maximo for government/7.1
canonical/ibm maximo for life sciences
version/ibm maximo for life sciences/7.1
canonical/ibm maximo for nuclear power
version/ibm maximo for nuclear power/7.1
canonical/ibm maximo for oil and gas
version/ibm maximo for oil and gas/7.1
canonical/ibm maximo for transportation
version/ibm maximo for transportation/7.1
canonical/ibm maximo for utilities
version/ibm maximo for utilities/7.1
canonical/ibm tivoli asset management for it
version/ibm tivoli asset management for it/7.1
version/ibm tivoli asset management for it/7.2
canonical/ibm tivoli service request manager
version/ibm tivoli service request manager/7.1
version/ibm tivoli service request manager/7.2