ID CVE-2023-32334
Summary IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 255074.
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:maximo_asset_management:7.6.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:maximo_asset_management:7.6.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:maximo_asset_management:7.6.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:maximo_asset_management:7.6.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:maximo_application_suite:8.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:maximo_application_suite:8.8.0:*:*:*:*:*:*:*
CVSS
Base: None
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 10-06-2023 - 00:01
Published 05-06-2023 - 01:15
Last modified 10-06-2023 - 00:01
Back to Top