CVE-2023-27860

CWE-2093 documents3 sources
Severity
5.3MEDIUM
EPSS
0.1%
top 74.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Maximo Asset Management
Timeline
PublishedApr 27

Description

IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error message. This information could be used in further attacks against the system. IBM X-Force ID: 249207.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/maximo_asset_management7.6.1.2, 7.6.1.3
NVDibm/maximo_asset_management7.6.1.2, 7.6.1.3+1

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-mgj2-j39f-g57c: IBM Maximo Asset Management 72023-04-27
CVEList
IBM Maximo Asset Management information disclosure2023-04-27
CVE-2023-27860 (MEDIUM CVSS 5.3) | IBM Maximo Asset Management 7.6.1.2 | cvebase.io