What is the severity of CVE-2013-3971?

CVE-2013-3971 has been classified as a medium severity vulnerability due to its potential impact on access control.

How do I fix CVE-2013-3971?

To mitigate CVE-2013-3971, update IBM Maximo Asset Management to version 7.5.0.5 or later.

Who is affected by CVE-2013-3971?

CVE-2013-3971 affects remote authenticated users of IBM Maximo Asset Management versions 7.1 through 7.1.1.12 and 7.5 versions before 7.5.0.5.

What type of vulnerability is CVE-2013-3971?

CVE-2013-3971 is an access control vulnerability that allows users to bypass intended restrictions.

Are there any known exploits for CVE-2013-3971?

As of now, there are no publicly known exploits targeting CVE-2013-3971.

Vulnerability/
CVE-2013-3971

medium

CWE

264

1/10/2013

29/8/2017

CVE-2013-3971

First published: Tue Oct 01 2013(Updated: )

IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-3049.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Maximo Asset Management	=7.1
IBM Maximo Asset Management	=7.1.1
IBM Maximo Asset Management	=7.1.1.1
IBM Maximo Asset Management	=7.1.1.2
IBM Maximo Asset Management	=7.1.1.5
IBM Maximo Asset Management	=7.1.1.6
IBM Maximo Asset Management	=7.1.1.7
IBM Maximo Asset Management	=7.1.1.8
IBM Maximo Asset Management	=7.1.1.9
IBM Maximo Asset Management	=7.1.1.10
IBM Maximo Asset Management	=7.1.1.11
IBM Maximo Asset Management	=7.1.1.12
IBM Maximo Asset Management	=7.5.0.0
IBM Maximo Asset Management	=7.5.0.1
IBM Maximo Asset Management	=7.5.0.2
IBM Maximo Asset Management	=7.5.0.3
IBM Maximo Asset Management	=7.5.0.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-3971?
CVE-2013-3971 has been classified as a medium severity vulnerability due to its potential impact on access control.
How do I fix CVE-2013-3971?
To mitigate CVE-2013-3971, update IBM Maximo Asset Management to version 7.5.0.5 or later.
Who is affected by CVE-2013-3971?
CVE-2013-3971 affects remote authenticated users of IBM Maximo Asset Management versions 7.1 through 7.1.1.12 and 7.5 versions before 7.5.0.5.
What type of vulnerability is CVE-2013-3971?
CVE-2013-3971 is an access control vulnerability that allows users to bypass intended restrictions.
Are there any known exploits for CVE-2013-3971?
As of now, there are no publicly known exploits targeting CVE-2013-3971.

agent/references
agent/severity
agent/description
agent/type
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
agent/weakness
agent/author
vendor/ibm
canonical/ibm maximo asset management
version/ibm maximo asset management/7.1
version/ibm maximo asset management/7.1.1
version/ibm maximo asset management/7.1.1.1
version/ibm maximo asset management/7.1.1.2
version/ibm maximo asset management/7.1.1.5
version/ibm maximo asset management/7.1.1.6
version/ibm maximo asset management/7.1.1.7
version/ibm maximo asset management/7.1.1.8
version/ibm maximo asset management/7.1.1.9
version/ibm maximo asset management/7.1.1.10
version/ibm maximo asset management/7.1.1.11
version/ibm maximo asset management/7.1.1.12
version/ibm maximo asset management/7.5.0.0
version/ibm maximo asset management/7.5.0.1
version/ibm maximo asset management/7.5.0.2
version/ibm maximo asset management/7.5.0.3
version/ibm maximo asset management/7.5.0.4