CVE-2015-5017

{"id": "CVE-2015-5017", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2016-01-03T05:59:03.897", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969052", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before 7.6.0.2 IFIX002; Maximo Asset Management 7.5.0 before 7.5.0.8 IFIX005, 7.5.1, and 7.6.0 before 7.6.0.2 IFIX002 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allow remote authenticated users to bypass intended access restrictions and establish a login session by entering an expired password."}, {"lang": "es", "value": "IBM Maximo Asset Management 7.1 hasta la versi\u00f3n 7.1.1.13, 7.5.0 en versiones anteriores a 7.5.0.8 IFIX005 y 7.6.0 en versiones anteriores a 7.6.0.2 IFIX002; Maximo Asset Management 7.5.0 en versiones anteriores a 7.5.0.8 IFIX005, 7.5.1 y 7.6.0 en versiones anteriores a 7.6.0.2 IFIX002 para SmartCloud Control Desk; y Maximo Asset Management 7.1 hasta la versi\u00f3n 7.1.1.13 y 7.2 para Tivoli IT Asset Management for IT y otros ciertos productos permite a usuarios remotos autenticados eludir las restricciones de acceso previstas y llevar a cabo un inicio de sesi\u00f3n introduciendo una contrase\u00f1a caducada."}], "lastModified": "2016-01-06T19:42:25.300", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:change_and_configuration_management_database:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AF3DBFF-A377-4147-A6EB-BEC6F38FD8FD"}, {"criteria": "cpe:2.3:a:ibm:change_and_configuration_management_database:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83470AC7-A06B-4443-9E60-B0AA18B69AC7"}, {"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE721CF9-0F75-410B-A0F4-542041E25925"}, {"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AEBAE48-FFD0-4837-AB3B-F6C31B1AC8D9"}, {"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58B773C7-9386-4704-B85F-748578DBC242"}, {"criteria": "cpe:2.3:a:ibm:maximo_asset_management_essentials:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85457F6C-80FE-4E9F-BAB6-58B0485D8B7B"}, {"criteria": "cpe:2.3:a:ibm:maximo_asset_management_essentials:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "598EAB6C-7D41-46FE-BB32-D31014CA01D6"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_energy_optimization:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47FE69C7-D7C4-4707-B3EF-AC290F2CF92D"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_government:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D8673B0-D385-467A-A60C-90A436C976D3"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4908AC9D-7410-47A6-BC46-5587C60061A2"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B315997-8DD3-4244-B292-68568FB82CED"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "360D781D-AD52-4309-A484-2150B10DFB02"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BA294D6-4D4D-4ADB-A05B-F578A8877A4D"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4796CF9E-0065-4DE2-8C7A-22EB76F65E8E"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75C69BA7-055F-446B-9E76-398D57680BA0"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "764D9D95-26A8-441E-95E1-55C9CDEA59BD"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "012787EB-E7F0-4CAD-B406-6057A7F6F14F"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F780ADF-3151-4B2C-98B9-7FFD0DB47A57"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4367602D-5736-459D-82C1-099CD484F2FE"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "553D4A7C-E2F0-40F7-88FC-AB372DFCA9DD"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1480E9F7-9CA1-4F8D-977F-0F13594D0D36"}, {"criteria": "cpe:2.3:a:ibm:smartcloud_control_desk:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88692CEA-1B67-4D1D-86CF-FC0C6DDB2B27"}, {"criteria": "cpe:2.3:a:ibm:smartcloud_control_desk:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9FC166C-B9B7-4DD9-B22E-174247578F16"}, {"criteria": "cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "013D299A-6A9C-44C7-B49C-A4115F4C13E3"}, {"criteria": "cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D5C1BCF-1DC0-45E7-B624-9221F8610346"}, {"criteria": "cpe:2.3:a:ibm:tivoli_service_request_manager:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "235AE987-A109-4996-B43A-38C1BE23F37B"}, {"criteria": "cpe:2.3:a:ibm:tivoli_service_request_manager:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95FF438A-31FC-44DD-AC14-C9332F0B0A3D"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}