← voltar
CVE-2023-32335

IBM Maximo Application Suite information disclosure

CVSS 3.7 LOWEPSS 0.5%CWE-598
IBM Maximo Application Suite 8.10, 8.11 and IBM Maximo Asset Management 7.6.1.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 255075.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
IBM · Maximo Application SuiteIBM · Maximo Asset Management

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://exchange.xforce.ibmcloud.com/vulnerabilities/266875https://www.ibm.com/support/pages/node/7138684https://www.ibm.com/support/pages/node/7138686