CVE-2015-5051

CWE-2643 documents3 sources
Severity
4.3MEDIUM
EPSS
0.1%
top 66.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
IBM Maximo Asset ManagementIBM Maximo Asset Management EssentialsIBM Maximo FOR Government+6 more
Timeline
PublishedJan 3
Latest updateMay 17

Description

IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.2 IF1 for SmartCloud Control Desk allow remote authenticated users to bypass intended access restrictions on query results via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages4 packages

NVDibm/maximo7.5, 7.6+1

🔴Vulnerability Details

2
GHSA
GHSA-fw4w-565m-5mrc: IBM Maximo Asset Management 72022-05-17
CVEList
CVE-2015-5051: IBM Maximo Asset Management 72016-01-03
CVE-2015-5051 (MEDIUM CVSS 4.3) | IBM Maximo Asset Management 7.5 bef | cvebase.io