CVE-2015-4967

Published Oct 6, 2015
Last updated 9 years ago
CVSS info 6.5
Overview

Description: SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX004, and 7.6.0 before 7.6.0.1 IFIX002; Maximo Asset Management 7.5.x before 7.5.0.8 IFIX004 and 7.6.0 before 7.6.0.1 IFIX002 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Source: psirt@us.ibm.com
NVD status: Analyzed
Risk scores

CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-89
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:change_and_configuration_management_database:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1AF3DBFF-A377-4147-A6EB-BEC6F38FD8FD"
          },
          {
            "criteria": "cpe:2.3:a:ibm:change_and_configuration_management_database:7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83470AC7-A06B-4443-9E60-B0AA18B69AC7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE721CF9-0F75-410B-A0F4-542041E25925"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F261A268-7CD0-4328-8FBB-6AC40927DDFC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "537C2C01-302E-48A2-9D50-C98AB6DBC466"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65C72B48-0C0F-4C90-A34B-528A5C67432C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59090B6A-09AE-4597-A60A-38C20AEA8F3E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74B7BC68-4BCB-4E02-9F6D-0F99DBE87FF0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FB99EBA-9725-4AB3-B816-5E00ADD7B7EC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19A4B2CD-94F5-4449-8D1F-E69C3BA9929C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F077F88-37D3-43FA-8EA6-A7FBD9869AA9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "741A13F4-DED0-43A2-8761-AAEAA0557B96"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8945E452-7D50-4C59-B8CE-8F1C756DB01A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0632D29-B9B9-48E1-9762-A80B660CEBA1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "048BAB63-0A88-4E3D-998B-06EC7917DC78"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B590C42-21A1-4C62-8293-5A0D7AD628E4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01604919-877F-4BDF-A137-C1A54E04BEC6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4577B9CD-45CA-4D01-B99D-7C39131C9C35"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBB734EA-42EE-4BE0-934E-9E783BCDA31A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16981EC3-76AE-441B-92C4-8DD6E6A1EA89"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36BB996E-17BC-4E35-97A0-142946F6B2AD"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA8B991C-2AE4-499D-B173-BF016D7F78F6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "804A2AD3-94FB-4085-AE08-F7120EDDEFFC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2659CCD-6D04-4479-BA93-B906DC200424"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.6.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B028794E-5FA0-4E3D-AC4D-A2826DD6282C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management_essentials:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85457F6C-80FE-4E9F-BAB6-58B0485D8B7B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_asset_management_essentials:7.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "598EAB6C-7D41-46FE-BB32-D31014CA01D6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_energy_optimization:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47FE69C7-D7C4-4707-B3EF-AC290F2CF92D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_government:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D8673B0-D385-467A-A60C-90A436C976D3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E13EC59E-0D34-429E-857A-6553286B95B4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E847B9C-EBB6-47EF-8519-52F3B0ED13FA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C99DF69D-4963-4BC7-81DE-7091FDD7FC13"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E000525-2222-4B9D-9631-7A2EF8DF5EF6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D91D1E87-8812-4B7A-A4CF-E78D64247F11"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "542A832F-E26D-4232-BC5A-FB93F0A33072"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF2DAEE6-344E-471D-9508-BD4360B5EB6E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B315997-8DD3-4244-B292-68568FB82CED"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82E905E5-EF91-4CD3-B30F-06B9BDFD07A9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9956CC67-C6C5-454C-AB39-D6E2B182B256"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A031C08-3502-4770-838F-C9481F92E3DA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40421A30-9CD0-46FE-8723-E4AC6EA51F07"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE4951D3-68F8-4A99-9F3C-7C5118CBBCF1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C24B38BD-2A3B-4B00-B053-06F5AB32265C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71A8F3D1-C72D-497C-8167-23A128B4AC6D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4796CF9E-0065-4DE2-8C7A-22EB76F65E8E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0C60408-42F0-495B-840B-9A2F5C9CE5E2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85D493B1-2E6E-48B4-9FA3-78D8F6447F12"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1452A20-CF6F-4150-B543-ECB9C8E921D2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3985E49F-DDA0-4344-9088-4C961A3F7CAF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B47280A1-1E0C-4D58-AB28-4E85DFEB3081"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08080694-7D79-42B4-BEFF-36C2435BF0AE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDC7C333-43F0-45D0-8E51-8041474FE3F0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "764D9D95-26A8-441E-95E1-55C9CDEA59BD"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "348A5D33-4B81-479F-AE61-4C17642F11EA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "470406C7-0F53-47B9-8A5B-E8053DC37640"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51692CC8-DB5B-45DF-B1C4-0F977350A99A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F94013B4-56FD-4380-A08C-3867FD3C0B8A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65878D4F-0171-4BF0-AAB1-9AB8A95EEDB2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A37A2515-3CB2-4D36-BAED-D5915CAD8BB8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B254C76-DB68-4FED-9E5B-11B9B595418E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F780ADF-3151-4B2C-98B9-7FFD0DB47A57"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F61A8511-5C5E-4328-998A-28D3229B9B38"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A723D1C-A9AF-4D7F-9E76-14AAE49E2D87"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "615A3FF9-B20F-4C4E-9A6E-5A6F71A938B1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6F36331-E40D-4F7D-A748-8F87DC17B1E9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E285BF7C-B698-4F56-A172-B196B7694987"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D069E18-1DBB-4537-AAE3-1D42C492D4B1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CC6AD95-18E5-48D9-A962-85854E98FD14"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "553D4A7C-E2F0-40F7-88FC-AB372DFCA9DD"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "982661EA-3176-4854-A64C-9F32751A045C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9688CC0-4A67-4884-B327-B403ABF59A12"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57B19AFE-7D8B-48E4-9012-7AA3FA885DC8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF3175D9-FB46-41FF-97D1-1E86497195BF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E1D9AD3-5F06-48A0-B5E9-6B58B90ED75D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C7E5F34-0898-467E-A148-B14078C3239C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB7549CF-96F8-4FB2-994E-17F49D946ADF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:smartcloud_control_desk:7.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88692CEA-1B67-4D1D-86CF-FC0C6DDB2B27"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "013D299A-6A9C-44C7-B49C-A4115F4C13E3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D5C1BCF-1DC0-45E7-B624-9221F8610346"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_service_request_manager:7.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54234F72-760A-4E80-8172-1AD93F0A372B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_service_request_manager:7.2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED3A0A74-83FB-4061-8232-4BAA9D901B75"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
