CVE-2025-36386
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-28
Last updated on: 2025-11-21
Assigner: IBM Corporation
Description
Description
IBM Maximo Application Suite 9.0.0 through 9.0.15 and 9.1.0 through 9.1.4 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | maximo_application_suite | From 9.0 (inc) to 9.0.15 (inc) |
| ibm | maximo_application_suite | From 9.1.0 (inc) to 9.1.4 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-305 | The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in IBM Maximo Application Suite versions 9.0.0 through 9.0.15 and 9.1.0 through 9.1.4 allows a remote attacker to bypass authentication mechanisms, enabling unauthorized access to the application.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized access by remote attackers, potentially resulting in full compromise of confidentiality, integrity, and availability of the affected application.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70