IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access Control (RBAC) configurations.
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.