HIGH🇵🇱 Wersja polska

CVE-2013-2974

CVSS 7.5v2.0pub. 2014-01-29upd. 2026-04-29

The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration privileges, and consequently create or delete reports or conduct SQL injection attacks, via crafted parameters to the BIRT reporting URL.

CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • IBM Tivoli Application Dependency Discovery Manager

    APP
    Ibm
    7.2.1.17.2.1.27.2.1.37.2.1.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLi
CWE
References

Related vulnerabilities

CVE-2023-47143CRITICAL10.0PL ✓ten sam produkt

HTTP header injection w IBM Tivoli Application Dependency Discovery Manager

CVE-2023-47142HIGH7.5ten sam produkt

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the or...

CVE-2013-3017HIGH7.5ten sam produkt

IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2.1.5 and 7.2.x before 7.2.2 make it easi...

CVE-2013-3023HIGH8.1ten sam produkt

IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote...

CVE-2013-4002HIGH7.1ten sam produkt

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in ...