CVE-2015-1951Sensitive Information Exposure in IBM Maximo Asset Management

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 82.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Maximo Asset Management
Timeline
PublishedJul 1
Latest updateMay 17

Description

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDibm/maximo_asset_management23 versions+22

🔴Vulnerability Details

2
GHSA
GHSA-c3mw-526g-r2pc: IBM Maximo Asset Management 72022-05-17
CVEList
CVE-2015-1951: IBM Maximo Asset Management 72015-07-01
CVE-2015-1951 — Sensitive Information Exposure in IBM | cvebase