Password Field Vulnerability in IBM Maximo Asset Management
CVE-2015-1933
Currently unrated
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 4 October 2015
Summary
IBM Maximo Asset Management versions 7.1 through 7.1.1.13, 7.5.0 prior to 7.5.0.8 IFIX001, and 7.6.0 prior to 7.6.0.1 IFIX001 are affected by a vulnerability that lacks an off autocomplete attribute for the password input field. This oversight allows attackers to exploit unattended workstations, potentially gaining unauthorized access to sensitive user accounts.
References
Timeline
Vulnerability published
Vulnerability Reserved