CVE-2025-2898 | THREATINT

Description

IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access Control (RBAC) configurations.

PUBLISHED Reserved 2025-03-28 | Published 2025-05-06 | Updated 2026-02-26 | Assigner ibm

HIGH: 7.5CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-266 Incorrect Privilege Assignment

Product status

Default status

unaffected

9.0

affected

References

https//www.ibm.com/support/pages/node/7232050 vendor-advisory patch

cve.org (CVE-2025-2898)

nvd.nist.gov (CVE-2025-2898)

Download JSON