Vulnerability Description
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 FP009, and 7.6.0 before 7.6.0.2 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 FP009, 7.5.1, and 7.6.0 before 7.6.0.2 IFIX001 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products have a default administrator account, which makes it easier for remote authenticated users to obtain access via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Change And Configuration Management Database | 7.1 |
| Ibm | Maximo Asset Management | 7.1 |
| Ibm | Maximo For Government | 7.1 |
| Ibm | Maximo For Life Sciences | 7.1 |
| Ibm | Maximo For Nuclear Power | 7.1 |
| Ibm | Maximo For Oil And Gas | 7.1 |
| Ibm | Maximo For Transportation | 7.1 |
| Ibm | Maximo For Utilities | 7.1 |
| Ibm | Smartcloud Control Desk | 7.5 |
| Ibm | Tivoli Asset Management For It | 7.1 |
| Ibm | Tivoli Service Request Manager | 7.1.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21968191Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21968191Vendor Advisory
FAQ
What is CVE-2015-4966?
CVE-2015-4966 is a vulnerability with a CVSS score of 6.5 (MEDIUM). IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 FP009, and 7.6.0 before 7.6.0.2 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 FP009, 7.5.1, and 7.6.0 before 7.6.0.2 IFIX...
How severe is CVE-2015-4966?
CVE-2015-4966 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-4966?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Change And Configuration Management Database, Ibm Maximo Asset Management, Ibm Maximo For Government, Ibm Maximo For Life Sciences, Ibm Maximo For Nuclear Power.