PT-2019-10041 · Ibm · Ibm Maximo Asset Management
Published
2019-06-06
·
Updated
2023-03-03
·
CVE-2018-2028
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
IBM Maximo Asset Management version 7.6
Description:
The issue allows an authenticated user to replace a target page with a phishing site, potentially enabling the attacker to obtain highly sensitive information.
Recommendations:
For IBM Maximo Asset Management version 7.6, apply the necessary patches or updates to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and implementing additional security measures to prevent phishing attacks.
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Maximo Asset Management