Maximo Mobile for EAM Vulnerability Could Disclose Sensitive Information to Local Users
CVE-2023-43043

5.1MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
13 March 2024

Summary

The IBM Maximo Application Suite, specifically the Maximo Mobile for EAM versions 8.10 and 8.11, has a vulnerability that allows local users to access sensitive information. This exposure can lead to significant security risks if unaddressed, as it enables unauthorized users to gain insights into confidential data, potentially impacting organizational security policies and compliance requirements. Organizations using these affected versions are advised to review their security measures and apply necessary patches to mitigate the risk.

Affected Version(s)

Maximo Application Suite - Maximo Mobile for EAM 8.10, 8.11

References

CVSS V3.1

Score:
5.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.