CVE Vulnerabilities

CVE-2024-38314

Use of Hard-coded Cryptographic Key

Published: Oct 24, 2024 | Modified: Jul 08, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information in the form of the hard-coded cryptographic key to an attacker that has compromised environment.

Weakness

The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered.

Affected Software

Name Vendor Start Version End Version
Maximo_application_suite Ibm 8.10 (including) 8.10.15 (excluding)
Maximo_application_suite Ibm 8.11 (including) 8.11.12 (excluding)
Maximo_application_suite Ibm 9.0 (including) 9.0.4 (excluding)

Potential Mitigations

References