CVE-2014-6102 Information

Description

IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX008 Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products do not properly handle logout actions which allows remote attackers to bypass intended Cognos BI Direct Integration access restrictions by leveraging an unattended workstation.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21695597 https://exchange.xforce.ibmcloud.com/vulnerabilities/96141