Sensitive Directory Information Disclosure Vulnerability in IBM Maximo Asset Management

Sensitive Directory Information Disclosure Vulnerability in IBM Maximo Asset Management

CVE-2014-4765 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5 through 7.5.0.6, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 and 7.2 for Tivoli IT Asset Management for IT and certain other products allow remote attackers to obtain sensitive directory information by reading an unspecified error message.

Learn more about our Cloud Audit.