PT-2015-7548 · Ibm · Ibm Maximo Asset Management
Publicado
2015-11-08
·
Atualizado
2015-11-09
·
CVE-2015-7395
CVSS v2.0
4.0
Média
| Vetor | AV:N/AC:L/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Maximo Asset Management versions 7.1 through 7.1.1.13
IBM Maximo Asset Management versions 7.5.0 before 7.5.0.8 IFIX005
IBM Maximo Asset Management versions 7.6.0 before 7.6.0.2 FP002
IBM Maximo Asset Management version 7.5.1
IBM Maximo Asset Management version 7.2
Description
The issue allows remote authenticated users to bypass intended work-order change restrictions. This can be achieved via unspecified vectors.
Recommendations
For versions 7.1 through 7.1.1.13, update to a version after 7.1.1.13.
For versions 7.5.0 before 7.5.0.8 IFIX005, apply IFIX005 or update to a version after 7.5.0.8 IFIX005.
For versions 7.6.0 before 7.6.0.2 FP002, apply FP002 or update to a version after 7.6.0.2 FP002.
For version 7.5.1, update to a version after 7.5.1.
For version 7.2, update to a version after 7.2.
Correção
Improper Access Control
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Maximo Asset Management