Security Bulletin: IBM Maximo Asset Management could allow a local attacker to obtain sensitive information using HTTP Header Injection (CVE-2017-1124)

Summary IBM Maximo Asset Management could allow a local attacker to obtain sensitive information using HTTP Header Injection. Vulnerability Details CVEID: CVE-2017-1124 DESCRIPTION: IBM Maximo Asset Management could allow a local attacker to obtain sensitive information using HTTP Header Injectio...

CVE-2017-1124

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local attacker to obtain sensitive information using HTTP Header Injection. IBM Reference : 1998053...

CVE-2017-1124

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local attacker to obtain sensitive information using HTTP Header Injection. IBM Reference : 1998053...

CVE-2017-1124

CVE-2017-1124 affects IBM Maximo Asset Management core versions 7.6, 7.5 and 7.1 (and Maximo Asset Management Essentials) plus affected IBM Industry Solutions and Control Desk products when installed on a vulnerable core. Root cause: HTTP header injection enabling local information disclosure by ...