Vulnerability Description
IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges via vectors related to a work order.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Maximo Asset Management | 6.2 |
| Ibm | Maximo Asset Management Essentials | 6.2.0.0 |
| Ibm | Tivoli Asset Management For It | 6.0 |
| Ibm | Tivoli Service Request Manager | 7.1.0 |
| Ibm | Maximo Service Desk | 6.2 |
| Ibm | Change And Configuration Management Database | 7.1. |
| Ibm | Smartcloud Control Desk | 7.5.0.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV30384
- http://www-01.ibm.com/support/docview.wss?uid=swg21625624Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80747
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV30384
- http://www-01.ibm.com/support/docview.wss?uid=swg21625624Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80747
FAQ
What is CVE-2012-6355?
CVE-2012-6355 is a vulnerability with a CVSS score of 6.5 (MEDIUM). IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Serv...
How severe is CVE-2012-6355?
CVE-2012-6355 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-6355?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Maximo Asset Management, Ibm Maximo Asset Management Essentials, Ibm Tivoli Asset Management For It, Ibm Tivoli Service Request Manager, Ibm Maximo Service Desk.