CVE-2015-1951

Name of the Vulnerable Software and Affected Versions IBM Maximo Asset Management versions 7.1 through 7.1.1.13 IBM Maximo Asset Management versions 7.5.0 through 7.5.0.7 IBM Maximo Asset Management versions 7.6.0 through 7.6.0.0 IFIX004

Description The issue is related to the caching of HTTPS responses, which can be exploited by physically proximate attackers to obtain sensitive local-cache information from an unattended workstation. This can allow a local attacker to gain access to protected information.

Recommendations For IBM Maximo Asset Management versions 7.1 through 7.1.1.13, update to version 7.1.1.14 or later. For IBM Maximo Asset Management versions 7.5.0 through 7.5.0.7, apply IFIX001 or update to version 7.5.0.8 or later. For IBM Maximo Asset Management versions 7.6.0 through 7.6.0.0 IFIX004, apply IFIX005 or update to version 7.6.0.0 IFIX005 or later.