Password Encryption Vulnerability in IBM Maximo Asset Management
CVE-2015-1934
Currently unrated
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 4 October 2015
Summary
IBM Maximo Asset Management versions 7.1 through 7.1.1.13, 7.5.0 prior to 7.5.0.8 IFIX002, and 7.6.0 before 7.6.0.1 IFIX001 possess vulnerabilities due to inadequate encryption of passwords. As a result, this flaw enables context-dependent attackers to easily decipher plaintext passwords by exploiting access to exposed password files. This lack of proper encryption can lead to unauthorized access and significant security breaches, posing a serious risk to organizations that rely on these systems.
References
Timeline
Vulnerability published
Vulnerability Reserved