Privilege Escalation via Multiple Security Group Membership in IBM Maximo Asset Management and SmartCloud Control Desk
CVE-2014-0849 · MEDIUM Severity
AV:N/AC:M/AU:S/C:P/I:P/A:P
IBM Maximo Asset Management 7.x before 7.5.0.3 IFIX027 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to gain privileges by leveraging membership in two security groups.
Learn more about our Cloud Audit.