Remote Work-Order Change Bypass in IBM Maximo Asset Management
CVE-2015-7395

Currently unrated

Key Information:

Vendor: IBM
Status: Maximo Asset Management; Maximo For Nuclear Power; Maximo For Utilities; Maximo For Life Sciences
Vendor: CVE Published:; 8 November 2015

Summary

A vulnerability in IBM Maximo Asset Management allows remote authenticated users to bypass intended work-order change restrictions. This affects various versions of the software, enabling unauthorized changes through unspecified vectors, leading to potential misuse of work-order management functionalities. Organizations using affected versions should assess their exposure and take corrective actions.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21969072

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 8, 2015
Vulnerability Reserved
Sep 29, 2015