← Back

CVE-2014-0849

nvd nist
Published: May 26, 2014Modified: May 6, 2026

JSON object

Loading...
6.0
Vector
AV:N/AC:M/Au:S/C:P/I:P/A:P
Exploitability: 6.8 / Impact: 6.4
Source: NVD

Description

IBM Maximo Asset Management 7.x before 7.5.0.3 IFIX027 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to gain privileges by leveraging membership in two security groups.

Affected (25)

Ibm
2 products
Maximo Asset Management
Smartcloud Control Desk
Configuration A
13 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Maximo Asset Management
Version 7.1.1.10
Maximo Asset Management
Version 7.1.1.11
Maximo Asset Management
Version 7.1.1.12
Maximo Asset Management
Version 7.1.1.1
Maximo Asset Management
Version 7.1.1.2
Maximo Asset Management
Version 7.1.1.5
Maximo Asset Management
Version 7.1.1.6
Maximo Asset Management
Version 7.1.1.7
Maximo Asset Management
Version 7.1.1.8
Maximo Asset Management
Version 7.1.1.9
Maximo Asset Management
Version 7.1.1
Maximo Asset Management
Version 7.1.2
Maximo Asset Management
Version 7.1
Configuration B
8 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Smartcloud Control Desk
Version 7.0
Smartcloud Control Desk
Version 7.5.0.0
Smartcloud Control Desk
Version 7.5.0.1
Smartcloud Control Desk
Version 7.5.0.2
Smartcloud Control Desk
Version 7.5.0.3
Smartcloud Control Desk
Version 7.5.1.0
Smartcloud Control Desk
Version 7.5.1.1
Smartcloud Control Desk
Version 7.5
Configuration C
4 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Maximo Asset Management
Version 7.5.0.0
Maximo Asset Management
Version 7.5.0.1
Maximo Asset Management
Version 7.5.0.2
Maximo Asset Management
Version 7.5.0.3

Related CWEs

CWE-264
CWE-264

References (6)

Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.