CVE-2015-7452
MEDIUMIBM Maximo Asset Management <7.5.0.9 FP9, <7.6.0.3 FP3 - Info Discl...
Title source: llmDescription
IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 FP9, 7.5.1, and 7.6 before 7.6.0.3 FP3 for SmartCloud Control Desk allow remote authenticated users to obtain sensitive information via the REST API.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21972463
Scores
CVSS v3
4.3
EPSS
0.0089
EPSS Percentile
55.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (12)
ibm/maximo_asset_management
7.5
ibm/maximo_asset_management
7.6
ibm/maximo_asset_management_essentials
7.5
ibm/maximo_for_government
7.5
ibm/maximo_for_life_sciences
7.5
ibm/maximo_for_life_sciences
7.6
ibm/maximo_for_nuclear_power
7.5
ibm/maximo_for_oil_and_gas
7.5
ibm/maximo_for_transportation
7.5
ibm/maximo_for_utilities
7.5
... and 2 more
Published
Jan 02, 2016
Tracked Since
Feb 18, 2026