CVE Vulnerabilities

CVE-2023-32334

Published: Jun 05, 2023 | Modified: Jun 10, 2023
CVSS 3.x
5.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 255074.

Affected Software

Name Vendor Start Version End Version
Maximo_application_suite Ibm 8.8.0 (including) 8.8.0 (including)
Maximo_asset_management Ibm 7.6.1.2 (including) 7.6.1.2 (including)
Maximo_asset_management Ibm 7.6.1.3 (including) 7.6.1.3 (including)

References