CVE-2018-1524
Severity
8.8HIGH
EPSS
0.4%
top 41.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 3
Latest updateMay 13
Description
IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administrator account that a remote intruder could use to gain administrator access to the system. This vulnerability is due to an incomplete fix for CVE-2015-4966. IBM X-Force ID: 142116.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9