CVE-2013-2998

CWE-200Information Exposure3 documents3 sources
Severity
3.5LOW
EPSS
0.2%
top 60.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Maximo Asset ManagementIBM Smartcloud Control Desk
Timeline
PublishedMay 26
Latest updateMay 17

Description

frontcontroller.jsp in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote authenticated users to obtain sensitive information via an invalid action_code.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages2 packages

NVDibm/maximo_asset_management19 versions+18
NVDibm/smartcloud_control_desk7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-cjcg-gx96-9j95: frontcontroller2022-05-17
CVEList
CVE-2013-2998: frontcontroller2014-05-26
CVE-2013-2998 (LOW CVSS 3.5) | frontcontroller.jsp in IBM Maximo A | cvebase.io