Information Disclosure Vulnerability in IBM Maximo Asset Management and SmartCloud Control Desk
CVE-2013-2998

Currently unrated

Key Information:

Vendor: IBM
Status: Smartcloud Control Desk
Vendor: CVE Published:; 26 May 2014

Summary

A vulnerability in the frontcontroller.jsp file of IBM Maximo Asset Management and SmartCloud Control Desk allows remote authenticated users to retrieve sensitive information by manipulating the action_code parameter. This could lead to unauthorized access to confidential data, posing a security risk to organizations utilizing the affected versions. It is essential for users to update their installations to mitigate this risk.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IV34110

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg21670870

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/84841

vdb-entryx_refsource_XF

Timeline

Vulnerability published
May 26, 2014
Vulnerability Reserved
Apr 12, 2013