4.3

CVE-2016-0222

IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote authenticated users to bypass intended access restrictions and read arbitrary purchase-order work logs via unspecified vectors.

Data is provided by the National Vulnerability Database (NVD)
IbmMaximo Asset Management Version7.6.0.0
IbmMaximo Asset Management Version7.6.0.1
IbmMaximo Asset Management Version7.6.0.2
IbmMaximo Asset Management Version7.6.0.3
IbmMaximo Asset Management Version7.6.0.0
IbmMaximo Asset Management Version7.6.0.1
IbmMaximo Asset Management Version7.6.0.2
IbmMaximo Asset Management Version7.6.0.3
IbmMaximo For Government Version-
IbmMaximo For Utilities Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.11% 0.26
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:P/I:N/A:N
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.