Vulnerabilities > CVE-2011-1394 - Resource Management Errors vulnerability in IBM products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 allow remote attackers to cause a denial of service (memory consumption) by establishing many UI sessions within one HTTP session.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://secunia.com/advisories/48299
- http://secunia.com/advisories/48305
- http://www.ibm.com/support/docview.wss?uid=swg21584666
- http://www.securityfocus.com/bid/52333
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV09157
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71985
- http://secunia.com/advisories/48299
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71985
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV09157
- http://www.securityfocus.com/bid/52333
- http://www.ibm.com/support/docview.wss?uid=swg21584666
- http://secunia.com/advisories/48305