Description
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow an attacker to bypass authentication and issue commands using a specially crafted HTTP command. IBM X-Force ID: 181995.
CVSS breakdown
CVSS 3.0
Privileges Required
None
Attack Complexity
Low
Availability
High
Scope
Unchanged
User Interaction
None
Integrity
High
Confidentiality
High
Attack Vector
Network
RL
O
RC
Changed
E
Unchanged
Affected products
- ibm / maximo_asset_management7.6.0 – 7.6.0
- ibm / maximo_asset_management7.6.1 – 7.6.1