How severe is CVE-2015-7396?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2015-7396?

This is classified as CWE-264, which is a common weakness in software security.

CVE-2015-7396

MEDIUM Year: 2015

CVSS v3 Score

5.4

Medium

CVSS v2 Score

5.5

Medium

Weakness Type

CWE-264

View all →

Vulnerability Description

The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.1 FP1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.1 FP1 for SmartCloud Control Desk allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or modify data, via unspecified vectors.

CVE-2014-4919

MEDIUM

CVSS:5.4(Medium)

OXID eShop Professional Edition before 4.7.13 and 4.8.x before 4.8.7, Enterprise Edition before 5.0.13 and 5.1.x before 5.1.7, and Community Edition before 4.7.13 and 4.8.x before 4.8.7 allow remote a...

CWE-2642014

CVE-2015-5264

MEDIUM

CVSS:5.4(Medium)

The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to bypass intended access restrictions and enter additiona...

CWE-2642015

CVE-2015-8484

MEDIUM

CVSS:5.4(Medium)

Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-viewing restrictions via unspecified vectors, a different vulnerability than CVE-2015-8485, CVE-2015-84...

CWE-2642015

CVE-2015-8485

MEDIUM

CVSS:5.4(Medium)

Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary posting titles via unspecified vectors, a different vulnerability than CV...

CWE-2642015

CVE-2015-8486

MEDIUM

CVSS:5.4(Medium)

Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary report titles via unspecified vectors, a different vulnerability than CVE...

CWE-2642015

CVE-2016-1152

MEDIUM

CVSS:5.4(Medium)

Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions, and read or write to plan data, via unspecified vectors, a different vulnerability than CVE...

CWE-2642016

CVE-2015-7396

Vulnerability Description

Related Vulnerabilities

CVE-2014-4919

CVE-2015-5264

CVE-2015-8484

CVE-2015-8485

CVE-2015-8486

CVE-2016-1152