3 matches found
CVE-2021-20445
creationtimestamp| type| source ---|---|--- 2021-02-18 18:50:24+00:00| seen| https://t.me/cibsecurity/23813...
CVE-2021-20445
CVE-2021-20445 affects IBM Maximo for Civil Infrastructure 7.6.2. The vulnerability stems from insecure storage of authentication credentials, potentially allowing a user to obtain sensitive information. The issue is documented across multiple sources (NVD entry for the CVE and IBM bulletin) and ...
Security Bulletin: IBM Maximo Data Loader (maxloader) shipped with IBM Maximo for Civil Infrastructure is vulnerable to autocomplete HTML Attribute not disabled for password field
Summary There is autocomplete HTML attribute not disabled for password field in Maximo Data Loader maxloader which is shipped with IBM Maximo for Civil Infrastructure. It may be possible to bypass the web application's authentication mechanism. Vulnerability Details CVEID: CVE-2021-20445...