CVE-2025-2898

CWE-2663 documents3 sources

Severity

8.8HIGH

EPSS

0.1%

top 69.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Maximo Application Suite

Timeline

PublishedMay 6

Description

IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access Control (RBAC) configurations.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5ibm/maximo_application_suite9.0

▶NVDibm/maximo_application_suite9.0

🔴Vulnerability Details

GHSA

GHSA-5wcf-r54j-7xp9: IBM Maximo Application Suite 9↗2025-05-06

▶

CVEList

IBM Maximo Application Suite privilege escalation↗2025-05-06

▶