Directory Information Exposure in IBM Maximo Asset Management Products
CVE-2014-4765

Currently unrated

Key Information:

Vendor: IBM
Status: Maximo Asset Management; Maximo For Utilities; Maximo For Life Sciences; Maximo For Nuclear Power
Vendor: CVE Published:; 2 October 2014

What is CVE-2014-4765?

IBM Maximo Asset Management products, including versions 7.1 through 7.1.1.13 and 7.5 through 7.5.0.6, are vulnerable to an issue that allows remote attackers to access sensitive directory information through an unspecified error message. This vulnerability affects various configurations of IBM's Maximo Asset Management, potentially exposing critical information to unauthorized users. Attention should be given to securing these products to prevent exploitation.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21685289

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/94757

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 2, 2014
Vulnerability Reserved
Jul 9, 2014