CVE-2013-3323: A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure…

critical9.8CVSS 3.1

AVNACLPRNUINSUCHIHAH

A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access.

Affected

40 ranges· showing 25

Vendor	Product	Version range	Fixed in
ibm	change_and_configuration_management_database	—	—
ibm	change_and_configuration_management_database	—	—
ibm	maximo_asset_management	—	—
ibm	maximo_asset_management	—	—
ibm	maximo_asset_management	—	—
ibm	maximo_asset_management_essentials	—	—
ibm	maximo_asset_management_essentials	—	—
ibm	maximo_asset_management_essentials	—	—
ibm	maximo_for_government	—	—
ibm	maximo_for_government	—	—
ibm	maximo_for_government	—	—
ibm	maximo_for_life_sciences	—	—
ibm	maximo_for_life_sciences	—	—
ibm	maximo_for_life_sciences	—	—
ibm	maximo_for_life_sciences	—	—
ibm	maximo_for_life_sciences	—	—
ibm	maximo_for_nuclear_power	—	—
ibm	maximo_for_nuclear_power	—	—
ibm	maximo_for_nuclear_power	—	—
ibm	maximo_for_nuclear_power	—	—
ibm	maximo_for_oil_and_gas	—	—
ibm	maximo_for_oil_and_gas	—	—
ibm	maximo_for_oil_and_gas	—	—
ibm	maximo_for_oil_and_gas	—	—
ibm	maximo_for_oil_and_gas	—	—