Password Field Vulnerability in IBM Maximo Asset Management
CVE-2015-1933

Currently unrated

Key Information:

Summary

IBM Maximo Asset Management versions 7.1 through 7.1.1.13, 7.5.0 prior to 7.5.0.8 IFIX001, and 7.6.0 prior to 7.6.0.1 IFIX001 are affected by a vulnerability that lacks an off autocomplete attribute for the password input field. This oversight allows attackers to exploit unattended workstations, potentially gaining unauthorized access to sensitive user accounts.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.