Vulnerabilities > IBM > License Metric Tool > 7.2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-28 | CVE-2023-43044 | Path Traversal vulnerability in IBM License Metric Tool IBM License Metric Tool 9.2 could allow a remote attacker to traverse directories on the system. | 7.5 |
2015-05-25 | CVE-2014-8927 | Resource Management Errors vulnerability in IBM products Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service (CPU consumption or application crash) via a crafted XML query, a different vulnerability than CVE-2014-8926. | 5.0 |
2015-05-25 | CVE-2014-8926 | Resource Management Errors vulnerability in IBM products Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service (CPU consumption or application crash) via a crafted XML query, a different vulnerability than CVE-2014-8927. | 5.0 |
2015-05-20 | CVE-2014-8924 | XML External Entity Information Disclosure vulnerability in IBM products The server in IBM License Metric Tool 7.2.2 before IF15 and 7.5 before IF24 and Tivoli Asset Discovery for Distributed 7.2.2 before IF15 and 7.5 before IF24 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 6.4 |