Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-32335

IBM Maximo Application Suite 8.10, 8.11 and IBM Maximo Asset Management 7.6.1.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 255075.

Published

2024-03-13T10:15:07.413

Last Modified

2025-01-14T20:10:32.063

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 3.7 (LOW)

Weaknesses

Type: Secondary
CWE-598
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	maximo_application_suite	8.10	Yes
Application	ibm	maximo_application_suite	8.11	Yes
Application	ibm	maximo_asset_management	7.6.1.3	Yes

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/266875 Vendor Advisory ([email protected])
https://www.ibm.com/support/pages/node/7138684 Vendor Advisory ([email protected])
https://www.ibm.com/support/pages/node/7138686 Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/266875 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.ibm.com/support/pages/node/7138684 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.ibm.com/support/pages/node/7138686 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)