CVE-2016-0222

{"id": "CVE-2016-0222", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2016-03-14T01:59:01.467", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976949", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote authenticated users to bypass intended access restrictions and read arbitrary purchase-order work logs via unspecified vectors."}, {"lang": "es", "value": "IBM Maximo Asset Management 7.6 en versiones anteriores a 7.6.0.3 IFIX001 permite a usuarios remotos autenticados eludir las restricciones de acceso previstas y leer registros de trabajo de \u00f3rdenes de compra arbitrarios a trav\u00e9s de vectores no especificados."}], "lastModified": "2016-03-17T22:03:49.993", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B028794E-5FA0-4E3D-AC4D-A2826DD6282C"}, {"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "050D798F-F9CC-447B-94F4-81A893349695"}, {"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "948B518D-129E-42E7-B07F-5E1CA5056DFA"}, {"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.6.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7038EBF6-E527-492B-A6A5-14F9A2F79BDF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:smartcloud_control_desk:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "742BF86E-E5D2-4CC9-BD41-78C243995880"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B028794E-5FA0-4E3D-AC4D-A2826DD6282C"}, {"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "050D798F-F9CC-447B-94F4-81A893349695"}, {"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "948B518D-129E-42E7-B07F-5E1CA5056DFA"}, {"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.6.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7038EBF6-E527-492B-A6A5-14F9A2F79BDF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:maximo_for_government:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6952A03A-657B-4CE9-8C85-1EBEB6D090FA"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0660482-340B-4FDA-8F0A-323BE0167800"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0E7B2B1-2746-40A4-83FC-DCEDE8B607BA"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55DB8F6D-F7DB-485B-80D9-368188F2E858"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_transportation:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "537D5FEA-7809-4CB6-9D71-FC3C408B2611"}, {"criteria": "cpe:2.3:a:ibm:maximo_for_utilities:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEE303C7-7873-4754-926D-122FD45337FB"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@us.ibm.com"}