IBM Maximo Asset Management Vulnerability: Web Pages Stored Locally Can Be Accessed by Other Users
CVE-2024-22333

3.3LOW

Key Information:

Vendor: IBM
Status: Maximo Application Suite; Maximo Asset Management
Vendor: CVE Published:; 13 June 2024

Summary

IBM Maximo Asset Management 7.6.1.3 and IBM Maximo Application Suite 8.10 and 8.11 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 279973.

Affected Version(s)

Maximo Application Suite 8.10, 8.11

Maximo Asset Management 7.6.1.3

References

https://www.ibm.com/support/pages/node/7157256

vendor-advisory

https://www.ibm.com/support/pages/node/7157257

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/279973

vdb-entry

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 13, 2024
Vulnerability Reserved
Jan 8, 2024

Collectors

NVD DatabaseMitre Database