CVE-2014-0849

CWE-2643 documents3 sources
Severity
6.0MEDIUM
EPSS
0.4%
top 41.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Maximo Asset ManagementIBM Smartcloud Control Desk
Timeline
PublishedMay 26
Latest updateMay 17

Description

IBM Maximo Asset Management 7.x before 7.5.0.3 IFIX027 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to gain privileges by leveraging membership in two security groups.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 6.8 | Impact: 6.4

Affected Packages2 packages

NVDibm/maximo_asset_management17 versions+16
NVDibm/smartcloud_control_desk8 versions+7

🔴Vulnerability Details

2
GHSA
GHSA-jfcc-m8c6-h7hc: IBM Maximo Asset Management 72022-05-17
CVEList
CVE-2014-0849: IBM Maximo Asset Management 72014-05-26
CVE-2014-0849 (MEDIUM CVSS 6) | IBM Maximo Asset Management 7.x bef | cvebase.io