2 matches found
Security Bulletin: IBM Maximo Asset Management is vulnerable to Information Disclosure (CVE-2018-1697)
Summary IBM Maximo Asset Management could allow an authenticated user to enumerate usernames using a specially crafted HTTP request. Vulnerability Details CVEID: CVE-2018-1697 DESCRIPTION: IBM Maximo Asset Management could allow an authenticated user to enumerate usernames using a specially craft...
CVE-2018-1697
CVE-2018-1697 affects IBM Maximo Asset Management 7.6 and possibly related IBM Maximo products when installed on affected core versions. An authenticated user could enumerate usernames by sending a specially crafted HTTP request, leading to information disclosure with a CVSS v3 base score of 4.3 ...