Vulnerability Description
IBM Maximo Asset Management 7.x before 7.5.0.3 IFIX027 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to gain privileges by leveraging membership in two security groups.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Maximo Asset Management | 7.1 |
| Ibm | Smartcloud Control Desk | 7.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV53952
- http://www-01.ibm.com/support/docview.wss?uid=swg21670870
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90738
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV53952
- http://www-01.ibm.com/support/docview.wss?uid=swg21670870
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90738
FAQ
What is CVE-2014-0849?
CVE-2014-0849 is a vulnerability with a CVSS score of 6.0 (MEDIUM). IBM Maximo Asset Management 7.x before 7.5.0.3 IFIX027 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to gain privileges by leveraging membe...
How severe is CVE-2014-0849?
CVE-2014-0849 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0849?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Maximo Asset Management, Ibm Smartcloud Control Desk.