Authentication Bypass Vulnerability in IBM Maximo Asset Management
CVE-2022-40616

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Maximo Asset Management
Vendor: CVE Published:; 21 September 2022

Summary

The vulnerability in IBM Maximo Asset Management allows attackers to bypass authentication mechanisms, potentially enabling them to access restricted areas of the system. This flaw could lead to unauthorized information retrieval or the execution of actions that should be restricted to authorized users only. Organizations using affected versions must implement appropriate security measures to mitigate the risks associated with this vulnerability.

Affected Version(s)

Maximo Asset Management 7.6.1.1

Maximo Asset Management 7.6.1.2

Maximo Asset Management 7.6.1.3

References

https://www.ibm.com/support/pages/node/6621599

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/236311

vdb-entryx_refsource_XF

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 21, 2022
Vulnerability Reserved
Sep 12, 2022