PT-2016-3794 · Ibm · Ibm Maximo Asset Management

Publicado

2016-01-27

·

Atualizado

2016-01-28

·

CVE-2015-7487

CVSS v2.0

4.9

Média

VetorAV:L/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions IBM Maximo Asset Management versions 7.1 through 7.1.1.13 IBM Maximo Asset Management versions 7.5.0 through 7.5.0.8 IFIX001 IBM Maximo Asset Management versions 7.6.0 through 7.6.0.2 IFIX000 IBM Maximo Asset Management version 7.5.1 IBM Maximo Asset Management version 7.2
Description The issue allows local users to obtain sensitive information by leveraging administrative privileges and reading log files.
Recommendations For IBM Maximo Asset Management versions 7.1 through 7.1.1.13, update to a version after 7.1.1.13. For IBM Maximo Asset Management versions 7.5.0 through 7.5.0.8 IFIX001, apply IFIX002 or update to a version after 7.5.0.9 IFIX002. For IBM Maximo Asset Management versions 7.6.0 through 7.6.0.2 IFIX000, apply IFIX001 or update to a version after 7.6.0.3 IFIX001. For IBM Maximo Asset Management version 7.5.1, update to a version after 7.5.1. For IBM Maximo Asset Management version 7.2, update to a version after 7.2.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2015-7487

Produtos afetados

Ibm Maximo Asset Management