Ibm · Ibm Maximo Asset Management · CVE-2018-1528
**Name of the Vulnerable Software and Affected Versions**
IBM Maximo Asset Management versions 7.6 through 7.6.3
**Description**
The issue allows an authenticated user to obtain sensitive information from the "WhoAmI API" endpoint.
**Recommendations**
For versions 7.6 through 7.6.3, consider restricting access to the WhoAmI API endpoint until a fix is available.