IBM » Maximo For Oil And Gas : Security Vulnerabilities, CVEs, Published In 2016 (Bypass)
IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote authenticated users to bypass intended access restrictions and read arbitrary purchase-order work logs via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.08%
Published
2016-03-14
Updated
2016-03-17
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before 7.6.0.2 IFIX002; Maximo Asset Management 7.5.0 before 7.5.0.8 IFIX005, 7.5.1, and 7.6.0 before 7.6.0.2 IFIX002 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allow remote authenticated users to bypass intended access restrictions and establish a login session by entering an expired password.
Max CVSS
5.5
EPSS Score
0.08%
Published
2016-01-03
Updated
2016-01-06
2 vulnerabilities found