CVE-2017-1176Sensitive Information Exposure in IBM Maximo Asset Management

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
3.3LOWNVD
EPSS
0.1%
top 83.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Maximo Asset Management
Timeline
PublishedJul 5
Latest updateMay 17

Description

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local user to obtain sensitive information due to inappropriate data retention of attachments. IBM X-Force ID: 123299.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/maximo_asset_management4 versions+3
NVDibm/maximo_asset_management4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-jx9f-cppr-29rw: IBM Maximo Asset Management 72022-05-17
CVEList
CVE-2017-1176: IBM Maximo Asset Management 72017-07-05
CVE-2017-1176 — Sensitive Information Exposure in IBM | cvebase