2 matches found
Security Bulletin: IBM Maximo Asset Management contains a misconfiguration that could allow an authenticated user to view backup and debug application files which could contain sensitive information (CVE-2015-4965)
Summary IBM Maximo Asset Management configuration allows an authenticated user to view backup and debug application files. This vulnerability could allow a local attacker to obtain sensitive information. The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo...
CVE-2015-4965
maximouiweb/webmodule/webclient/utility/merlin.jsp in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX004, and 7.6.0 before 7.6.0.1 IFIX002; Maximo Asset Management 7.5.x before 7.5.0.8 IFIX004 and 7.6.0 before 7.6.0.1 IFIX002 for SmartCloud Control Desk; and Maximo Ass...