IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 255074.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/255074 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/6999721 | Vendor Advisory |
https://www.ibm.com/support/pages/node/6999747 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2023-06-05T00:44:31.786Z
Updated: 2023-06-05T00:44:31.786Z
Reserved: 2023-05-08T18:32:34.088Z
Link: CVE-2023-32334
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-05T01:15:45.960
Modified: 2023-06-10T00:01:21.103
Link: CVE-2023-32334
JSON object: View
Redhat Information
No data.
CWE