2 matches found
Security Bulletin: IBM Maximo Asset Management is vulnerable to path traversal (CVE-2019-4582)
Summary IBM Maximo Asset Management is vulnerable to path traversal. Vulnerability Details CVEID: CVE-2019-4582 DESCRIPTION: IBM Maximo Asset Management could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot"...
CVE-2019-4582
IBM Maximo Asset Management core versions 7.6.0 and 7.6.1 are vulnerable to a path traversal issue. A remote attacker can supply a crafted URL containing dot-dot sequences (/../) to view arbitrary files on the system. The CVSSv3 base score is 4.3 (MEDIUM), with Network attack vector and low privi...