IBM Maximo Application Suite 8.10, 8.11 and IBM Maximo Asset Management 7.6.1.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 255075.
References
| Link | Resource |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/266875 | Vendor Advisory |
| https://www.ibm.com/support/pages/node/7138684 | Vendor Advisory |
| https://www.ibm.com/support/pages/node/7138686 | Vendor Advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/266875 | Vendor Advisory |
| https://www.ibm.com/support/pages/node/7138686 | Vendor Advisory |
| https://www.ibm.com/support/pages/node/7138684 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
14 Jan 2025, 20:10
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| CPE | cpe:2.3:a:ibm:maximo_application_suite:8.11:*:*:*:*:*:*:* cpe:2.3:a:ibm:maximo_application_suite:8.10:*:*:*:*:*:*:* cpe:2.3:a:ibm:maximo_asset_management:7.6.1.3:*:*:*:*:*:*:* |
|
| First Time |
Ibm maximo Asset Management
Ibm maximo Application Suite Ibm |
|
| CWE | NVD-CWE-Other | |
| References | () https://www.ibm.com/support/pages/node/7138684 - Vendor Advisory | |
| References | () https://www.ibm.com/support/pages/node/7138686 - Vendor Advisory | |
| References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/266875 - Vendor Advisory |
13 Mar 2024, 10:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-03-13 10:15
Updated : 2025-01-14 20:10
NVD link : CVE-2023-32335
Mitre link : CVE-2023-32335
JSON object : View
Products Affected
ibm
- maximo_application_suite
- maximo_asset_management
CWE