exploitDog

CVE-2016-8987

Опубликовано: 08 июн. 2017

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow an authenticated user to view incorrect item sets that they should not have access to view.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg21996255
Patch
Vendor Advisory
http://www.securityfocus.com/bid/97369
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/119039
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg21996255
Patch
Vendor Advisory
http://www.securityfocus.com/bid/97369
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/119039
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_asset_management:7.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:maximo_asset_management:7.6:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00212

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-rvc3-wj33-7p27

CVSS3: 4.3

github

больше 3 лет назад

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow an authenticated user to view incorrect item sets that they should not have access to view.

EPSS

Процентиль: 44%

0.00212

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200