CVE-2011-4818: Input Validation
First published: Tue Mar 13 2012(Updated: )
Open redirect vulnerability in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the uisessionid parameter to an unspecified component.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Maximo Asset Management | =6.2 | |
| IBM Maximo Asset Management | =7.1 | |
| IBM Maximo Asset Management | =7.5 | |
| Ibm Maximo Asset Management Essentials | =6.2 | |
| Ibm Maximo Asset Management Essentials | =7.1 | |
| Ibm Maximo Asset Management Essentials | =7.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- collector/nvd-historical
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/references
- agent/severity
- agent/tags
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- vendor/ibm
- canonical/ibm maximo asset management
- version/ibm maximo asset management/6.2
- version/ibm maximo asset management/7.1
- version/ibm maximo asset management/7.5
- canonical/ibm maximo asset management essentials
- version/ibm maximo asset management essentials/6.2
- version/ibm maximo asset management essentials/7.1
- version/ibm maximo asset management essentials/7.5