Vulnerabilities > CVE-2000-1239 - Information Disclosure vulnerability in IBM Tivoli Management Framework 3.7.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |