CVE-2013-3323

A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
VendorProductVersion
ibmchange_and_configuration_management_database
7.1
ibmchange_and_configuration_management_database
7.2
ibmmaximo_asset_management
6.2
ibmmaximo_asset_management
7.1
ibmmaximo_asset_management
7.5
ibmmaximo_asset_management_essentials
6.2
ibmmaximo_asset_management_essentials
7.1
ibmmaximo_asset_management_essentials
7.5
ibmmaximo_for_government
6.2
ibmmaximo_for_government
7.1
ibmmaximo_for_government
7.5
ibmmaximo_for_life_sciences
6.2
ibmmaximo_for_life_sciences
6.4
ibmmaximo_for_life_sciences
6.5
ibmmaximo_for_life_sciences
7.1
ibmmaximo_for_life_sciences
7.5
ibmmaximo_for_nuclear_power
6.2
ibmmaximo_for_nuclear_power
6.3
ibmmaximo_for_nuclear_power
7.1
ibmmaximo_for_nuclear_power
7.5
ibmmaximo_for_oil_and_gas
6.2
ibmmaximo_for_oil_and_gas
6.3
ibmmaximo_for_oil_and_gas
6.4
ibmmaximo_for_oil_and_gas
7.1
ibmmaximo_for_oil_and_gas
7.5
ibmmaximo_for_transportation
6.2
ibmmaximo_for_transportation
6.3
ibmmaximo_for_transportation
7.1
ibmmaximo_for_transportation
7.5
ibmmaximo_for_utilities
6.2
ibmmaximo_for_utilities
6.3
ibmmaximo_for_utilities
7.1
ibmmaximo_for_utilities
7.5
ibmmaximo_service_desk
6.2
ibmsmartcloud_control_desk
7.5
ibmtivoli_asset_management_for_it
6.2
ibmtivoli_asset_management_for_it
7.1
ibmtivoli_asset_management_for_it
7.2
ibmtivoli_service_request_manager
7.1
ibmtivoli_service_request_manager
7.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/62685
https://exchange.xforce.ibmcloud.com/vulnerabilities/77920?_ga=2.229912220.1881683942.1582039056-713214152.1572980240
https://www.ibm.com/support/pages/node/235239
http://www.securityfocus.com/bid/62685
https://exchange.xforce.ibmcloud.com/vulnerabilities/77920?_ga=2.229912220.1881683942.1582039056-713214152.1572980240
https://www.ibm.com/support/pages/node/235239