IBM Security Bulletin: Security Bypass Vulnerability Addressed in Asset and Service Management (CVE-2014-3084)

IBM Maximo Asset Management allows an authenticated attacker to modify calendar entries that they do not have access to by bypassing security restrictions. CVE(s): CVE-2014-3084 Affected product(s) and affected version(s): AFFECTED...



from IBM Product Security Incident Response Team http://ibm.co/1zMy022