CVE-2013-3971 — IBM Maximo Asset Management vulnerability

6 documents3 sources

Severity

4.0MEDIUMNVD

EPSS

0.2%

top 60.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Maximo Asset Management

Timeline

PublishedOct 1

Latest updateMay 17

Description

IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-3049.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/maximo_asset_management17 versions+16

🔴Vulnerability Details

GHSA

GHSA-rxv9-6mj3-27gh: IBM Maximo Asset Management 7↗2022-05-17

▶

GHSA

GHSA-r5fw-pxq2-w826: IBM Maximo Asset Management 7↗2022-05-17

▶

CVEList

CVE-2013-3971: IBM Maximo Asset Management 7↗2013-10-01

▶

CVEList

CVE-2013-3049: IBM Maximo Asset Management 7↗2013-10-01

▶