CVE-2013-5464IBM Maximo Asset Management vulnerability

CWE-2644 documents4 sources
Severity
6.0MEDIUMNVD
EPSS
0.2%
top 55.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Maximo Asset ManagementIBM Smartcloud Control Desk
Timeline
PublishedMay 26
Latest updateMay 17

Description

IBM Maximo Asset Management 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 before IFIX011, and 7.5.0.5 before IFIX006 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to bypass intended access restrictions, and modify physical counts associated with restricted storerooms, via unspecified vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 6.8 | Impact: 6.4

Affected Packages2 packages

NVDibm/maximo_asset_management6 versions+5
NVDibm/smartcloud_control_desk7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-46jm-v2qp-4qwm: IBM Maximo Asset Management 72022-05-17
CVEList
CVE-2013-5464: IBM Maximo Asset Management 72014-05-26

💬Community

1
Bugzilla
CVE-2013-1809 gambas3: insecure temporary directories flaw2013-03-04
CVE-2013-5464 — IBM vulnerability | cvebase