CVE-2015-7396
Last modified
CVE-2015-7396 is a vulnerability of currently unknown severity. The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.1 FP1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.1 FP1 for SmartCloud Control Desk allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or modify data, via unspecified vectors.. EPSS estimates a 0.79% chance of exploitation in the next 30 days.
Description
The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.1 FP1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.1 FP1 for SmartCloud Control Desk allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or modify data, via unspecified vectors.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Maximo Asset Management | 7.5 |
| Ibm | Maximo Asset Management | 7.6 |
| Ibm | Maximo Asset Management Essentials | 7.5 |
| Ibm | Maximo For Government | 7.5 |
| Ibm | Maximo For Life Sciences | 7.5 |
| Ibm | Maximo For Life Sciences | 7.6 |
| Ibm | Maximo For Nuclear Power | 7.5 |
| Ibm | Maximo For Oil And Gas | 7.5 |
| Ibm | Maximo For Transportation | 7.5 |
| Ibm | Maximo For Utilities | 7.5 |
| Ibm | Smartcloud Control Desk | 7.5 |
| Ibm | Smartcloud Control Desk | 7.6 |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21970799Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21970799Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2015-7396?
How severe is CVE-2015-7396?
How do I fix CVE-2015-7396?
Are you affected by CVE-2015-7396?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST