A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Maximo_asset_management_essentials | Ibm | 6.2 | 6.2 |
Maximo_for_transportation | Ibm | 7.5 | 7.5 |
Maximo_for_utilities | Ibm | 7.5 | 7.5 |
Maximo_for_utilities | Ibm | 7.1 | 7.1 |
Maximo_for_nuclear_power | Ibm | 7.1 | 7.1 |
Tivoli_service_request_manager | Ibm | 7.1 | 7.1 |
Maximo_asset_management | Ibm | 7.5 | 7.5 |
Smartcloud_control_desk | Ibm | 7.5 | 7.5 |
Change_and_configuration_management_database | Ibm | 7.1 | 7.1 |
Maximo_asset_management_essentials | Ibm | 7.5 | 7.5 |
Tivoli_asset_management_for_it | Ibm | 7.2 | 7.2 |
Maximo_asset_management | Ibm | 7.1 | 7.1 |
Maximo_for_oil_and_gas | Ibm | 7.1 | 7.1 |
Maximo_for_government | Ibm | 7.1 | 7.1 |
Change_and_configuration_management_database | Ibm | 7.2 | 7.2 |
Maximo_asset_management | Ibm | 6.2 | 6.2 |
Maximo_for_life_sciences | Ibm | 7.5 | 7.5 |
Tivoli_asset_management_for_it | Ibm | 7.1 | 7.1 |
Maximo_for_nuclear_power | Ibm | 7.5 | 7.5 |
Maximo_for_government | Ibm | 7.5 | 7.5 |
Maximo_for_life_sciences | Ibm | 7.1 | 7.1 |
Tivoli_service_request_manager | Ibm | 7.2 | 7.2 |
Tivoli_asset_management_for_it | Ibm | 6.2 | 6.2 |
Maximo_service_desk | Ibm | 6.2 | 6.2 |
Maximo_for_oil_and_gas | Ibm | 7.5 | 7.5 |
Maximo_for_transportation | Ibm | 7.1 | 7.1 |
Maximo_asset_management_essentials | Ibm | 7.1 | 7.1 |
Maximo_for_utilities | Ibm | 6.2 | 6.2 |
Maximo_for_utilities | Ibm | 6.3 | 6.3 |
Maximo_for_oil_and_gas | Ibm | 6.2 | 6.2 |
Maximo_for_oil_and_gas | Ibm | 6.3 | 6.3 |
Maximo_for_oil_and_gas | Ibm | 6.4 | 6.4 |
Maximo_for_life_sciences | Ibm | 6.2 | 6.2 |
Maximo_for_life_sciences | Ibm | 6.4 | 6.4 |
Maximo_for_life_sciences | Ibm | 6.5 | 6.5 |
Maximo_for_transportation | Ibm | 6.2 | 6.2 |
Maximo_for_transportation | Ibm | 6.3 | 6.3 |
Maximo_for_nuclear_power | Ibm | 6.2 | 6.2 |
Maximo_for_nuclear_power | Ibm | 6.3 | 6.3 |
Maximo_for_government | Ibm | 6.2 | 6.2 |