CVE-2016-8987Sensitive Information Exposure in IBM Maximo Asset Management

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 56.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Maximo Asset Management
Timeline
PublishedJun 8
Latest updateMay 17

Description

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow an authenticated user to view incorrect item sets that they should not have access to view.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/maximo_asset_management4 versions+3
NVDibm/maximo_asset_management7.1, 7.5, 7.6+2

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-rvc3-wj33-7p27: IBM Maximo Asset Management 72022-05-17
CVEList
CVE-2016-8987: IBM Maximo Asset Management 72017-06-08
CVE-2016-8987 — Sensitive Information Exposure in IBM | cvebase