CVE Vulnerabilities

CVE-2015-7396

Published: Jan 02, 2016 | Modified: Jan 07, 2016
CVSS 3.x
5.4
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVSS 2.x
5.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.1 FP1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.1 FP1 for SmartCloud Control Desk allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or modify data, via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Maximo_asset_management Ibm 7.5 (including) 7.5 (including)
Maximo_asset_management Ibm 7.6 (including) 7.6 (including)
Maximo_asset_management_essentials Ibm 7.5 (including) 7.5 (including)
Maximo_for_government Ibm 7.5 (including) 7.5 (including)
Maximo_for_life_sciences Ibm 7.5 (including) 7.5 (including)
Maximo_for_life_sciences Ibm 7.6 (including) 7.6 (including)
Maximo_for_nuclear_power Ibm 7.5 (including) 7.5 (including)
Maximo_for_oil_and_gas Ibm 7.5 (including) 7.5 (including)
Maximo_for_transportation Ibm 7.5 (including) 7.5 (including)
Maximo_for_utilities Ibm 7.5 (including) 7.5 (including)
Smartcloud_control_desk Ibm 7.5 (including) 7.5 (including)
Smartcloud_control_desk Ibm 7.6 (including) 7.6 (including)

References