CVE-2018-1524

Summary

IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administrator account that a remote intruder could use to gain administrator access to the system. This vulnerability is due to an incomplete fix for CVE-2015-4966. IBM X-Force ID: 142116.

Affected Software

VendorProductVersion RangeStatus
IBMMaximo Asset Management7.6affected
IBMMaximo Asset Management7.6.0affected
IBMMaximo Asset Management7.6.0.1affected
IBMMaximo Asset Management7.6.1affected
IBMMaximo Asset Management7.6.2affected
IBMMaximo Asset Management7.6.2.1affected
IBMMaximo Asset Management7.6.2.2affected
IBMMaximo Asset Management7.6.2.3affected
IBMMaximo Asset Management7.6.2.4affected
IBMMaximo Asset Management7.6.3affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References