CVE-2016-0289

Published: Apr 5, 2016Modified: May 6, 2026

4.3

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

shiprec.xml in the SHIPREC application in IBM Maximo Asset Management 7.1 and 7.5 before 7.5.0.10 and 7.6 before 7.6.0.4 allows remote authenticated users to bypass intended item-selection restrictions via unspecified vectors.

Affected (17)

Products: Ibm: Maximo Asset Management

Ibm

1 product

Maximo Asset Management

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Ibm Maximo Asset Management	Version 7.1
Ibm Maximo Asset Management	Version 7.5.0.0
Ibm Maximo Asset Management	Version 7.5.0.1
Ibm Maximo Asset Management	Version 7.5.0.2
Ibm Maximo Asset Management	Version 7.5.0.3
Ibm Maximo Asset Management	Version 7.5.0.4
Ibm Maximo Asset Management	Version 7.5.0.5
Ibm Maximo Asset Management	Version 7.5.0.6
Ibm Maximo Asset Management	Version 7.5.0.7
Ibm Maximo Asset Management	Version 7.5.0.8
Ibm Maximo Asset Management	Version 7.5.0.9
Ibm Maximo Asset Management	Version 7.5
Ibm Maximo Asset Management	Version 7.6.0.0
Ibm Maximo Asset Management	Version 7.6.0.1
Ibm Maximo Asset Management	Version 7.6.0.2
Ibm Maximo Asset Management	Version 7.6.0.3
Ibm Maximo Asset Management	Version 7.6

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

http://www-01.ibm.com/support/docview.wss?uid=swg21979519

Source: psirt@us.ibm.com

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21979519

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.