CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2000-1239

The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.6%

CVSS Severity

CVSS v2 Score 9.0

References

http://www-1.ibm.com/support/docview.wss?uid=swg21082896
http://www.securityfocus.com/bid/17085
https://exchange.xforce.ibmcloud.com/vulnerabilities/3927
http://www-1.ibm.com/support/docview.wss?uid=swg21082896
http://www.securityfocus.com/bid/17085
https://exchange.xforce.ibmcloud.com/vulnerabilities/3927

Products affected by CVE-2000-1239

Ibm » Tivoli Management Framework » Version: 3.7.1

cpe:2.3:a:ibm:tivoli_management_framework:3.7.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2000-1239

Products

Pricing

Contact Us