1. Home
  2. CVE Database
  3. CVE-2011-4817
MEDIUM · 4.0

CVE-2011-4817

The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Man...

Vulnerability Description

The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 shows the username, which might allow remote authenticated users to have an unspecified impact via a targeted attack against the corresponding user account.

CVSS Score

4.0

MEDIUM

AV:N/AC:L/Au:S/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IbmMaximo Asset Management6.2
IbmMaximo Asset Management Essentials6.2
IbmTivoli Asset Management For It6.2
IbmTrivoli Service Request Manager7.1
IbmMaximo Service Desk6.2
IbmTivoli Change And Configuration Management Database6.2

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2011-4817?

CVE-2011-4817 is a vulnerability with a CVSS score of 4.0 (MEDIUM). The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Man...

How severe is CVE-2011-4817?

CVE-2011-4817 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-4817?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Maximo Asset Management, Ibm Maximo Asset Management Essentials, Ibm Tivoli Asset Management For It, Ibm Trivoli Service Request Manager, Ibm Maximo Service Desk.