Ibm · Ibm Maximo Asset Management · CVE-2020-4463
**Name of the Vulnerable Software and Affected Versions**
IBM Maximo Asset Management versions 7.6.0.1 through 7.6.0.2
**Description**
The issue allows a remote attacker to expose sensitive information or consume memory resources through an XML External Entity Injection (XXE) attack when processing XML data.
**Recommendations**
For versions 7.6.0.1 and 7.6.0.2, consider disabling XML processing or restricting access to sensitive information until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.