CVE-2020-4529

Name of the Vulnerable Software and Affected Versions: IBM Maximo Asset Management versions 7.6.0 through 7.6.1

Description: The issue is related to insufficient validation of incoming requests, which may allow a remote attacker to perform a Server Side Request Forgery (SSRF) attack. This could enable an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

Recommendations: For versions 7.6.0 and 7.6.1, consider restricting access to vulnerable components or functions until a patch is available. As a temporary workaround, disabling the functionality that allows server-side requests may help minimize the risk of exploitation.