Vulnerability Details : CVE-2013-4040
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176.
Products affected by CVE-2013-4040
- IBM » Tivoli Application Dependency Discovery ManagerVersions from including (>=) 7.2.0.0 and up to, including, (<=) 7.2.1.4cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-4040
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-4040
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST | |
5.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2013-4040
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-4040
-
https://www-01.ibm.com/support/docview.wss?uid=swg21672253
IBM Security Bulletin: TADDM – Security improvement: More restricted permission on TADDM files on UNIX-like servers.Mitigation;Patch;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/86176
IBM Tivoli Application Dependency Discovery Manager information disclosure CVE-2013-4040 Vulnerability ReportVDB Entry;Vendor Advisory
Jump to