Lucene search

[email protected]CVE-2015-4966

HistoryNov 08, 2015 - 10:59 p.m.

CVE-2015-4966

2015-11-0822:59:13

CWE-255

[email protected]

web.nvd.nist.gov

ibm

maximo asset management

tivoli

it asset management

vulnerability

default administrator account

remote access

nvd

cve-2015-4966

8 High

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

61.3%

JSON

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 FP009, and 7.6.0 before 7.6.0.2 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 FP009, 7.5.1, and 7.6.0 before 7.6.0.2 IFIX001 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products have a default administrator account, which makes it easier for remote authenticated users to obtain access via unspecified vectors.

Affected configurations

NVD

Node

ibmchange_and_configuration_management_databaseMatch7.1

ibmchange_and_configuration_management_databaseMatch7.2

ibmmaximo_asset_managementMatch7.1

ibmmaximo_asset_managementMatch7.1.1

ibmmaximo_asset_managementMatch7.1.1.1

ibmmaximo_asset_managementMatch7.1.1.2

ibmmaximo_asset_managementMatch7.1.1.5

ibmmaximo_asset_managementMatch7.1.1.6

ibmmaximo_asset_managementMatch7.1.1.7

ibmmaximo_asset_managementMatch7.1.1.8

ibmmaximo_asset_managementMatch7.1.1.9

ibmmaximo_asset_managementMatch7.1.1.10

ibmmaximo_asset_managementMatch7.1.1.11

ibmmaximo_asset_managementMatch7.1.1.12

ibmmaximo_asset_managementMatch7.1.1.13

ibmmaximo_asset_managementMatch7.5.0.0

ibmmaximo_asset_managementMatch7.5.0.1

ibmmaximo_asset_managementMatch7.5.0.2

ibmmaximo_asset_managementMatch7.5.0.3

ibmmaximo_asset_managementMatch7.5.0.4

ibmmaximo_asset_managementMatch7.5.0.5

ibmmaximo_asset_managementMatch7.5.0.6

ibmmaximo_asset_managementMatch7.5.0.7

ibmmaximo_asset_managementMatch7.5.0.8

ibmmaximo_asset_managementMatch7.5.0.9

ibmmaximo_asset_managementMatch7.6.0.0

ibmmaximo_asset_managementMatch7.6.0.1

ibmmaximo_asset_managementMatch7.6.0.2

ibmmaximo_for_governmentMatch7.1

ibmmaximo_for_governmentMatch7.5.0.0

ibmmaximo_for_governmentMatch7.5.0.1

ibmmaximo_for_governmentMatch7.5.0.2

ibmmaximo_for_governmentMatch7.5.0.3

ibmmaximo_for_governmentMatch7.5.0.4

ibmmaximo_for_governmentMatch7.5.0.5

ibmmaximo_for_governmentMatch7.5.0.6

ibmmaximo_for_life_sciencesMatch7.1

ibmmaximo_for_life_sciencesMatch7.5.0.0

ibmmaximo_for_life_sciencesMatch7.5.0.1

ibmmaximo_for_life_sciencesMatch7.5.0.2

ibmmaximo_for_life_sciencesMatch7.5.0.3

ibmmaximo_for_life_sciencesMatch7.5.0.4

ibmmaximo_for_life_sciencesMatch7.5.0.5

ibmmaximo_for_life_sciencesMatch7.5.0.6

ibmmaximo_for_nuclear_powerMatch7.1

ibmmaximo_for_nuclear_powerMatch7.5.0.0

ibmmaximo_for_nuclear_powerMatch7.5.0.1

ibmmaximo_for_nuclear_powerMatch7.5.0.2

ibmmaximo_for_nuclear_powerMatch7.5.0.3

ibmmaximo_for_nuclear_powerMatch7.5.0.4

ibmmaximo_for_nuclear_powerMatch7.5.0.5

ibmmaximo_for_nuclear_powerMatch7.5.0.6

ibmmaximo_for_oil_and_gasMatch7.1

ibmmaximo_for_oil_and_gasMatch7.5.0.0

ibmmaximo_for_oil_and_gasMatch7.5.0.1

ibmmaximo_for_oil_and_gasMatch7.5.0.2

ibmmaximo_for_oil_and_gasMatch7.5.0.3

ibmmaximo_for_oil_and_gasMatch7.5.0.4

ibmmaximo_for_oil_and_gasMatch7.5.0.5

ibmmaximo_for_oil_and_gasMatch7.5.0.6

ibmmaximo_for_transportationMatch7.1

ibmmaximo_for_transportationMatch7.5.0.0

ibmmaximo_for_transportationMatch7.5.0.1

ibmmaximo_for_transportationMatch7.5.0.2

ibmmaximo_for_transportationMatch7.5.0.3

ibmmaximo_for_transportationMatch7.5.0.4

ibmmaximo_for_transportationMatch7.5.0.5

ibmmaximo_for_transportationMatch7.5.0.6

ibmmaximo_for_utilitiesMatch7.1

ibmmaximo_for_utilitiesMatch7.5.0.0

ibmmaximo_for_utilitiesMatch7.5.0.1

ibmmaximo_for_utilitiesMatch7.5.0.2

ibmmaximo_for_utilitiesMatch7.5.0.3

ibmmaximo_for_utilitiesMatch7.5.0.4

ibmmaximo_for_utilitiesMatch7.5.0.5

ibmmaximo_for_utilitiesMatch7.5.0.6

ibmsmartcloud_control_deskMatch7.5

ibmsmartcloud_control_deskMatch7.6

ibmtivoli_asset_management_for_itMatch7.1

ibmtivoli_asset_management_for_itMatch7.2

ibmtivoli_service_request_managerMatch7.1.0

ibmtivoli_service_request_managerMatch7.2.0.0

CPENameOperatorVersion
ibm:change_and_configuration_management_databaseibm change and configuration management databaseeq7.1
ibm:change_and_configuration_management_databaseibm change and configuration management databaseeq7.2
ibm:maximo_asset_managementibm maximo asset managementeq7.1
ibm:maximo_asset_managementibm maximo asset managementeq7.1.1
ibm:maximo_asset_managementibm maximo asset managementeq7.1.1.1
ibm:maximo_asset_managementibm maximo asset managementeq7.1.1.2
ibm:maximo_asset_managementibm maximo asset managementeq7.1.1.5
ibm:maximo_asset_managementibm maximo asset managementeq7.1.1.6
ibm:maximo_asset_managementibm maximo asset managementeq7.1.1.7
ibm:maximo_asset_managementibm maximo asset managementeq7.1.1.8

CPE	Name	Operator	Version
ibm:change_and_configuration_management_database	ibm change and configuration management database	eq	7.1
ibm:change_and_configuration_management_database	ibm change and configuration management database	eq	7.2
ibm:maximo_asset_management	ibm maximo asset management	eq	7.1
ibm:maximo_asset_management	ibm maximo asset management	eq	7.1.1
ibm:maximo_asset_management	ibm maximo asset management	eq	7.1.1.1
ibm:maximo_asset_management	ibm maximo asset management	eq	7.1.1.2
ibm:maximo_asset_management	ibm maximo asset management	eq	7.1.1.5
ibm:maximo_asset_management	ibm maximo asset management	eq	7.1.1.6
ibm:maximo_asset_management	ibm maximo asset management	eq	7.1.1.7
ibm:maximo_asset_management	ibm maximo asset management	eq	7.1.1.8