Password Encryption Vulnerability in IBM Maximo Asset Management
CVE-2015-1934

Currently unrated

Key Information:

Summary

IBM Maximo Asset Management versions 7.1 through 7.1.1.13, 7.5.0 prior to 7.5.0.8 IFIX002, and 7.6.0 before 7.6.0.1 IFIX001 possess vulnerabilities due to inadequate encryption of passwords. As a result, this flaw enables context-dependent attackers to easily decipher plaintext passwords by exploiting access to exposed password files. This lack of proper encryption can lead to unauthorized access and significant security breaches, posing a serious risk to organizations that rely on these systems.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.