Lucene search

K
cve[email protected]CVE-2015-4966
HistoryNov 08, 2015 - 10:59 p.m.

CVE-2015-4966

2015-11-0822:59:13
CWE-255
web.nvd.nist.gov
21
ibm
maximo asset management
tivoli
it asset management
vulnerability
default administrator account
remote access
nvd
cve-2015-4966

8 High

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

61.3%

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 FP009, and 7.6.0 before 7.6.0.2 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 FP009, 7.5.1, and 7.6.0 before 7.6.0.2 IFIX001 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products have a default administrator account, which makes it easier for remote authenticated users to obtain access via unspecified vectors.

Affected configurations

NVD
Node
ibmchange_and_configuration_management_databaseMatch7.1
OR
ibmchange_and_configuration_management_databaseMatch7.2
OR
ibmmaximo_asset_managementMatch7.1
OR
ibmmaximo_asset_managementMatch7.1.1
OR
ibmmaximo_asset_managementMatch7.1.1.1
OR
ibmmaximo_asset_managementMatch7.1.1.2
OR
ibmmaximo_asset_managementMatch7.1.1.5
OR
ibmmaximo_asset_managementMatch7.1.1.6
OR
ibmmaximo_asset_managementMatch7.1.1.7
OR
ibmmaximo_asset_managementMatch7.1.1.8
OR
ibmmaximo_asset_managementMatch7.1.1.9
OR
ibmmaximo_asset_managementMatch7.1.1.10
OR
ibmmaximo_asset_managementMatch7.1.1.11
OR
ibmmaximo_asset_managementMatch7.1.1.12
OR
ibmmaximo_asset_managementMatch7.1.1.13
OR
ibmmaximo_asset_managementMatch7.5.0.0
OR
ibmmaximo_asset_managementMatch7.5.0.1
OR
ibmmaximo_asset_managementMatch7.5.0.2
OR
ibmmaximo_asset_managementMatch7.5.0.3
OR
ibmmaximo_asset_managementMatch7.5.0.4
OR
ibmmaximo_asset_managementMatch7.5.0.5
OR
ibmmaximo_asset_managementMatch7.5.0.6
OR
ibmmaximo_asset_managementMatch7.5.0.7
OR
ibmmaximo_asset_managementMatch7.5.0.8
OR
ibmmaximo_asset_managementMatch7.5.0.9
OR
ibmmaximo_asset_managementMatch7.6.0.0
OR
ibmmaximo_asset_managementMatch7.6.0.1
OR
ibmmaximo_asset_managementMatch7.6.0.2
OR
ibmmaximo_for_governmentMatch7.1
OR
ibmmaximo_for_governmentMatch7.5.0.0
OR
ibmmaximo_for_governmentMatch7.5.0.1
OR
ibmmaximo_for_governmentMatch7.5.0.2
OR
ibmmaximo_for_governmentMatch7.5.0.3
OR
ibmmaximo_for_governmentMatch7.5.0.4
OR
ibmmaximo_for_governmentMatch7.5.0.5
OR
ibmmaximo_for_governmentMatch7.5.0.6
OR
ibmmaximo_for_life_sciencesMatch7.1
OR
ibmmaximo_for_life_sciencesMatch7.5.0.0
OR
ibmmaximo_for_life_sciencesMatch7.5.0.1
OR
ibmmaximo_for_life_sciencesMatch7.5.0.2
OR
ibmmaximo_for_life_sciencesMatch7.5.0.3
OR
ibmmaximo_for_life_sciencesMatch7.5.0.4
OR
ibmmaximo_for_life_sciencesMatch7.5.0.5
OR
ibmmaximo_for_life_sciencesMatch7.5.0.6
OR
ibmmaximo_for_nuclear_powerMatch7.1
OR
ibmmaximo_for_nuclear_powerMatch7.5.0.0
OR
ibmmaximo_for_nuclear_powerMatch7.5.0.1
OR
ibmmaximo_for_nuclear_powerMatch7.5.0.2
OR
ibmmaximo_for_nuclear_powerMatch7.5.0.3
OR
ibmmaximo_for_nuclear_powerMatch7.5.0.4
OR
ibmmaximo_for_nuclear_powerMatch7.5.0.5
OR
ibmmaximo_for_nuclear_powerMatch7.5.0.6
OR
ibmmaximo_for_oil_and_gasMatch7.1
OR
ibmmaximo_for_oil_and_gasMatch7.5.0.0
OR
ibmmaximo_for_oil_and_gasMatch7.5.0.1
OR
ibmmaximo_for_oil_and_gasMatch7.5.0.2
OR
ibmmaximo_for_oil_and_gasMatch7.5.0.3
OR
ibmmaximo_for_oil_and_gasMatch7.5.0.4
OR
ibmmaximo_for_oil_and_gasMatch7.5.0.5
OR
ibmmaximo_for_oil_and_gasMatch7.5.0.6
OR
ibmmaximo_for_transportationMatch7.1
OR
ibmmaximo_for_transportationMatch7.5.0.0
OR
ibmmaximo_for_transportationMatch7.5.0.1
OR
ibmmaximo_for_transportationMatch7.5.0.2
OR
ibmmaximo_for_transportationMatch7.5.0.3
OR
ibmmaximo_for_transportationMatch7.5.0.4
OR
ibmmaximo_for_transportationMatch7.5.0.5
OR
ibmmaximo_for_transportationMatch7.5.0.6
OR
ibmmaximo_for_utilitiesMatch7.1
OR
ibmmaximo_for_utilitiesMatch7.5.0.0
OR
ibmmaximo_for_utilitiesMatch7.5.0.1
OR
ibmmaximo_for_utilitiesMatch7.5.0.2
OR
ibmmaximo_for_utilitiesMatch7.5.0.3
OR
ibmmaximo_for_utilitiesMatch7.5.0.4
OR
ibmmaximo_for_utilitiesMatch7.5.0.5
OR
ibmmaximo_for_utilitiesMatch7.5.0.6
OR
ibmsmartcloud_control_deskMatch7.5
OR
ibmsmartcloud_control_deskMatch7.6
OR
ibmtivoli_asset_management_for_itMatch7.1
OR
ibmtivoli_asset_management_for_itMatch7.2
OR
ibmtivoli_service_request_managerMatch7.1.0
OR
ibmtivoli_service_request_managerMatch7.2.0.0

8 High

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

61.3%

Related for CVE-2015-4966