PT-2021-13970 · Ibm · Ibm Maximo For Civil Infrastructure

Published

2021-02-18

Updated

2021-02-22

CVE-2021-20445

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: IBM Maximo for Civil Infrastructure version 7.6.2

Description: The issue allows a user to obtain sensitive information due to insecure storage of authentication credentials.

Recommendations: For IBM Maximo for Civil Infrastructure version 7.6.2, consider restricting access to sensitive information and authentication credentials until a patch or fix is available. As a temporary workaround, review and secure the storage of authentication credentials to minimize the risk of exploitation.

Fix

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522

Related Identifiers

CVE-2021-20445

Affected Products

Ibm Maximo For Civil Infrastructure

PT-2021-13970 · Ibm · Ibm Maximo For Civil Infrastructure

CVE-2021-20445

Weakness Enumeration

Related Identifiers

Affected Products

References · 6