Local Information Disclosure Vulnerability in IBM Maximo Asset Management
CVE-2015-7487
4.1MEDIUM
Key Information:
- Vendor
- IBM
- Status
- Vendor
- CVE Published:
- 27 January 2016
Summary
A vulnerability exists in IBM Maximo Asset Management that allows local users with administrative privileges to gain unauthorized access to sensitive information by reading log files. This issue affects multiple versions of Maximo Asset Management, posing a risk to organizations using these products. It is crucial for users to apply security updates to mitigate the chances of sensitive data exposure.
References
CVSS V3.1
Score:
4.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved