What is the severity of CVE-2015-1951?

CVE-2015-1951 is classified as a medium severity vulnerability.

How do I fix CVE-2015-1951?

To fix CVE-2015-1951, you should apply the latest security patches provided by IBM for your version of Maximo Asset Management.

What versions of IBM Maximo Asset Management are affected by CVE-2015-1951?

CVE-2015-1951 affects IBM Maximo Asset Management versions 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005.

Does CVE-2015-1951 involve HTTPS response caching issues?

Yes, CVE-2015-1951 specifically involves the inability to prevent caching of HTTPS responses.

Vulnerability/
CVE-2015-1951

low

2.1

CWE

200

1/7/2015

6/8/2024

CVE-2015-1951: Infoleak

First published: Wed Jul 01 2015(Updated: )

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Maximo Asset Management	=7.1
IBM Maximo Asset Management	=7.1.1
IBM Maximo Asset Management	=7.1.1.1
IBM Maximo Asset Management	=7.1.1.2
IBM Maximo Asset Management	=7.1.1.5
IBM Maximo Asset Management	=7.1.1.6
IBM Maximo Asset Management	=7.1.1.7
IBM Maximo Asset Management	=7.1.1.8
IBM Maximo Asset Management	=7.1.1.9
IBM Maximo Asset Management	=7.1.1.10
IBM Maximo Asset Management	=7.1.1.11
IBM Maximo Asset Management	=7.1.1.12
IBM Maximo Asset Management	=7.1.1.13
IBM Maximo Asset Management	=7.5.0.0
IBM Maximo Asset Management	=7.5.0.1
IBM Maximo Asset Management	=7.5.0.2
IBM Maximo Asset Management	=7.5.0.3
IBM Maximo Asset Management	=7.5.0.4
IBM Maximo Asset Management	=7.5.0.5
IBM Maximo Asset Management	=7.5.0.6
IBM Maximo Asset Management	=7.5.0.7
IBM Maximo Asset Management	=7.5.0.8
IBM Maximo Asset Management	=7.6.0.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-1951?
CVE-2015-1951 is classified as a medium severity vulnerability.
How do I fix CVE-2015-1951?
To fix CVE-2015-1951, you should apply the latest security patches provided by IBM for your version of Maximo Asset Management.
What versions of IBM Maximo Asset Management are affected by CVE-2015-1951?
CVE-2015-1951 affects IBM Maximo Asset Management versions 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005.
What kind of attack can exploit CVE-2015-1951?
CVE-2015-1951 can be exploited by physically proximate attackers to obtain sensitive local-cache information from an unattended workstation.
Does CVE-2015-1951 involve HTTPS response caching issues?
Yes, CVE-2015-1951 specifically involves the inability to prevent caching of HTTPS responses.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/last-modified-date
agent/severity
agent/tags
agent/first-publish-date
agent/description
agent/event
agent/source
vendor/ibm
canonical/ibm maximo asset management
version/ibm maximo asset management/7.1
version/ibm maximo asset management/7.1.1
version/ibm maximo asset management/7.1.1.1
version/ibm maximo asset management/7.1.1.2
version/ibm maximo asset management/7.1.1.5
version/ibm maximo asset management/7.1.1.6
version/ibm maximo asset management/7.1.1.7
version/ibm maximo asset management/7.1.1.8
version/ibm maximo asset management/7.1.1.9
version/ibm maximo asset management/7.1.1.10
version/ibm maximo asset management/7.1.1.11
version/ibm maximo asset management/7.1.1.12
version/ibm maximo asset management/7.1.1.13
version/ibm maximo asset management/7.5.0.0
version/ibm maximo asset management/7.5.0.1
version/ibm maximo asset management/7.5.0.2
version/ibm maximo asset management/7.5.0.3
version/ibm maximo asset management/7.5.0.4
version/ibm maximo asset management/7.5.0.5
version/ibm maximo asset management/7.5.0.6
version/ibm maximo asset management/7.5.0.7
version/ibm maximo asset management/7.5.0.8
version/ibm maximo asset management/7.6.0.0

Frequently Asked Questions

What is the severity of CVE-2015-1951?
CVE-2015-1951 is classified as a medium severity vulnerability.
How do I fix CVE-2015-1951?
To fix CVE-2015-1951, you should apply the latest security patches provided by IBM for your version of Maximo Asset Management.
What versions of IBM Maximo Asset Management are affected by CVE-2015-1951?
CVE-2015-1951 affects IBM Maximo Asset Management versions 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005.
What kind of attack can exploit CVE-2015-1951?
CVE-2015-1951 can be exploited by physically proximate attackers to obtain sensitive local-cache information from an unattended workstation.
Does CVE-2015-1951 involve HTTPS response caching issues?
Yes, CVE-2015-1951 specifically involves the inability to prevent caching of HTTPS responses.

CVE-2015-1951: Infoleak

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-1951?

How do I fix CVE-2015-1951?

What versions of IBM Maximo Asset Management are affected by CVE-2015-1951?

What kind of attack can exploit CVE-2015-1951?

Does CVE-2015-1951 involve HTTPS response caching issues?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-1951?

How do I fix CVE-2015-1951?

What versions of IBM Maximo Asset Management are affected by CVE-2015-1951?

What kind of attack can exploit CVE-2015-1951?

Does CVE-2015-1951 involve HTTPS response caching issues?