Information Disclosure in IBM Maximo Application Suite
CVE-2022-43923

6.2MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
24 February 2023

Summary

IBM Maximo Application Suite versions 8.8.0 and 8.9.0 are vulnerable due to improper handling of sensitive information. This flaw allows local users to read potentially sensitive data stored within the application, posing a risk of unauthorized access. To mitigate this issue, it's crucial for organizations to apply patches and adhere to best practices in securing access rights to sensitive data.

Affected Version(s)

Maximo Application Suite 8.8.0, 8.9.0

References

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.