CVE-2015-5017
published 2016-01-03CVE-2015-5017: IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before 7.6.0.2 IFIX002; Maximo Asset Management 7.5.0 before 7.5.0.8…
medium5.4CVSS 3.0
AVNACLPRLUINSUCLILAN
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before 7.6.0.2 IFIX002; Maximo Asset Management 7.5.0 before 7.5.0.8 IFIX005, 7.5.1, and 7.6.0 before 7.6.0.2 IFIX002 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allow remote authenticated users to bypass intended access restrictions and establish a login session by entering an expired password.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | change_and_configuration_management_database | — | — |
| ibm | change_and_configuration_management_database | — | — |
| ibm | maximo_asset_management | — | — |
| ibm | maximo_asset_management | — | — |
| ibm | maximo_asset_management | — | — |
| ibm | maximo_asset_management_essentials | — | — |
| ibm | maximo_asset_management_essentials | — | — |
| ibm | maximo_for_energy_optimization | — | — |
| ibm | maximo_for_government | — | — |
| ibm | maximo_for_government | — | — |
| ibm | maximo_for_life_sciences | — | — |
| ibm | maximo_for_life_sciences | — | — |
| ibm | maximo_for_life_sciences | — | — |
| ibm | maximo_for_nuclear_power | — | — |
| ibm | maximo_for_nuclear_power | — | — |
| ibm | maximo_for_oil_and_gas | — | — |
| ibm | maximo_for_oil_and_gas | — | — |
| ibm | maximo_for_transportation | — | — |
| ibm | maximo_for_transportation | — | — |
| ibm | maximo_for_utilities | — | — |
| ibm | maximo_for_utilities | — | — |
| ibm | smartcloud_control_desk | — | — |
| ibm | smartcloud_control_desk | — | — |
| ibm | tivoli_asset_management_for_it | — | — |
| ibm | tivoli_asset_management_for_it | — | — |