CVE-2016-8987

MEDIUM

IBM Maximo Asset Mgmt <7.6 - Info Disclosure

Title source: llm
STIX 2.1

Description

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow an authenticated user to view incorrect item sets that they should not have access to view.

References (3)

Core 3
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21996255
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/97369
VDB Entry, Vendor Advisory x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/119039

Scores

CVSS v3 4.3
EPSS 0.0096
EPSS Percentile 57.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (7)
IBM/Maximo Asset Management 7.1
IBM/Maximo Asset Management 7.1.1
IBM/Maximo Asset Management 7.5
IBM/Maximo Asset Management 7.6
ibm/maximo_asset_management 7.1
ibm/maximo_asset_management 7.5
ibm/maximo_asset_management 7.6
Published Jun 08, 2017
Tracked Since Feb 18, 2026