Boletines de Vulnerabilidades

IBM Security Bulletin: IBM Maximo Asset Management could allow an authenticated user to view query results that the user should not have access to view due to improper access control (CVE-2015-5051)

Información sobre el sistema
   
Software afectado IBM

Descripción
IBM Maximo Asset Management contains a vulnerability which could allow an authenticated user to view query results that the user should not have access to view due to improper access control. This vulnerability could allow a local attacker to compromise data integrity. The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions (including Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences,

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_maximo_asset_management_could_allow_an_authenticated_user_to_view_query_results_that_the_user_should_not_have_access_to_view_due_to_improper_access_control_cve_2015_5051?

Identificadores estándar
Propiedad Valor
CVE CVE-2015-5051.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-11-26

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT