Vulnerability Description
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before 7.6.0.2 FP002; Maximo Asset Management 7.5.0 before 7.5.0.8 IFIX005, 7.5.1, and 7.6.0 before 7.6.0.2 FP002 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allow remote authenticated users to bypass intended work-order change restrictions via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Change And Configuration Management Database | 7.1 |
| Ibm | Maximo Asset Management | 7.1 |
| Ibm | Maximo For Government | 7.1 |
| Ibm | Maximo For Life Sciences | 7.1 |
| Ibm | Maximo For Nuclear Power | 7.1 |
| Ibm | Maximo For Oil And Gas | 7.1 |
| Ibm | Maximo For Transportation | 7.1 |
| Ibm | Maximo For Utilities | 7.1 |
| Ibm | Smartcloud Control Desk | 7.5 |
| Ibm | Tivoli Asset Management For It | 7.1 |
| Ibm | Tivoli Service Request Manager | 7.1.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21969072Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21969072Vendor Advisory
FAQ
What is CVE-2015-7395?
CVE-2015-7395 is a vulnerability with a CVSS score of 4.0 (MEDIUM). IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before 7.6.0.2 FP002; Maximo Asset Management 7.5.0 before 7.5.0.8 IFIX005, 7.5.1, and 7.6.0 before 7.6.0.2 FP...
How severe is CVE-2015-7395?
CVE-2015-7395 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-7395?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Change And Configuration Management Database, Ibm Maximo Asset Management, Ibm Maximo For Government, Ibm Maximo For Life Sciences, Ibm Maximo For Nuclear Power.