CVE-2015-7452

MEDIUM

IBM Maximo Asset Management <7.5.0.9 FP9, <7.6.0.3 FP3 - Info Discl...

Title source: llm
STIX 2.1

Description

IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 FP9, 7.5.1, and 7.6 before 7.6.0.3 FP3 for SmartCloud Control Desk allow remote authenticated users to obtain sensitive information via the REST API.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21972463

Scores

CVSS v3 4.3
EPSS 0.0089
EPSS Percentile 55.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (12)
ibm/maximo_asset_management 7.5
ibm/maximo_asset_management 7.6
ibm/maximo_asset_management_essentials 7.5
ibm/maximo_for_government 7.5
ibm/maximo_for_life_sciences 7.5
ibm/maximo_for_life_sciences 7.6
ibm/maximo_for_nuclear_power 7.5
ibm/maximo_for_oil_and_gas 7.5
ibm/maximo_for_transportation 7.5
ibm/maximo_for_utilities 7.5
... and 2 more
Published Jan 02, 2016
Tracked Since Feb 18, 2026