CVE-2017-1291

Name of the Vulnerable Software and Affected Versions IBM Maximo Asset Management versions 7.5 through 7.6

Description The issue allows a remote attacker to exploit the system using specially-crafted URLs, potentially leading to HTTP response splitting attacks. This could enable the attacker to perform further attacks, such as Web cache poisoning, cross-site scripting, and possibly obtain sensitive information.

Recommendations For IBM Maximo Asset Management versions 7.5 through 7.6, consider restricting access to specially-crafted URLs to minimize the risk of exploitation. As a temporary workaround, avoid clicking on suspicious URLs that could cause the server to return a split response. At the moment, there is no information about a newer version that contains a fix for this vulnerability.