What is the severity of CVE-2017-1124?

CVE-2017-1124 has been rated as a medium severity vulnerability.

How can I fix CVE-2017-1124?

Fixing CVE-2017-1124 involves applying the necessary security patches released by IBM for affected versions of Maximo Asset Management.

Which versions of IBM Maximo Asset Management are affected by CVE-2017-1124?

CVE-2017-1124 affects IBM Maximo Asset Management versions 7.1, 7.5, and 7.6, including specific subversions.

What type of attack does CVE-2017-1124 allow?

CVE-2017-1124 allows a local attacker to perform HTTP Header Injection to obtain sensitive information.

What should I do if I am using a vulnerable version of IBM Maximo Asset Management regarding CVE-2017-1124?

If you are using a vulnerable version of IBM Maximo Asset Management, you should upgrade to a patched version to mitigate the vulnerability.

Vulnerability/
CVE-2017-1124

low

2.9

CWE

200

7/3/2017

5/8/2024

CVE-2017-1124: Infoleak

First published: Tue Mar 07 2017(Updated: )

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local attacker to obtain sensitive information using HTTP Header Injection. IBM Reference #: 1998053.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Maximo Asset Management	=7.1
IBM Maximo Asset Management	=7.1.1
IBM Maximo Asset Management	=7.1.1.1
IBM Maximo Asset Management	=7.1.1.2
IBM Maximo Asset Management	=7.1.1.3
IBM Maximo Asset Management	=7.1.1.5
IBM Maximo Asset Management	=7.1.1.6
IBM Maximo Asset Management	=7.1.1.7
IBM Maximo Asset Management	=7.1.1.8
IBM Maximo Asset Management	=7.1.1.9
IBM Maximo Asset Management	=7.1.1.10
IBM Maximo Asset Management	=7.1.1.11
IBM Maximo Asset Management	=7.1.1.12
IBM Maximo Asset Management	=7.1.2
IBM Maximo Asset Management	=7.5.0.0
IBM Maximo Asset Management	=7.5.0.1
IBM Maximo Asset Management	=7.5.0.2
IBM Maximo Asset Management	=7.5.0.3
IBM Maximo Asset Management	=7.5.0.4
IBM Maximo Asset Management	=7.5.0.5
IBM Maximo Asset Management	=7.5.0.6
IBM Maximo Asset Management	=7.5.0.7
IBM Maximo Asset Management	=7.5.0.8
IBM Maximo Asset Management	=7.5.0.9
IBM Maximo Asset Management	=7.5.0.10
IBM Maximo Asset Management	=7.6
IBM Maximo Asset Management	=7.6.0.0
IBM Maximo Asset Management	=7.6.0.1
IBM Maximo Asset Management	=7.6.0.2
IBM Maximo Asset Management	=7.6.0.3
IBM Maximo Asset Management	=7.6.0.4
IBM Maximo Asset Management	=7.6.0.5

Remedy

http://www.ibm.com/support/docview.wss?uid=swg21998053

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-1124?
CVE-2017-1124 has been rated as a medium severity vulnerability.
How can I fix CVE-2017-1124?
Fixing CVE-2017-1124 involves applying the necessary security patches released by IBM for affected versions of Maximo Asset Management.
Which versions of IBM Maximo Asset Management are affected by CVE-2017-1124?
CVE-2017-1124 affects IBM Maximo Asset Management versions 7.1, 7.5, and 7.6, including specific subversions.
What type of attack does CVE-2017-1124 allow?
CVE-2017-1124 allows a local attacker to perform HTTP Header Injection to obtain sensitive information.
What should I do if I am using a vulnerable version of IBM Maximo Asset Management regarding CVE-2017-1124?
If you are using a vulnerable version of IBM Maximo Asset Management, you should upgrade to a patched version to mitigate the vulnerability.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/remedy
agent/last-modified-date
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm maximo asset management
version/ibm maximo asset management/7.1
version/ibm maximo asset management/7.1.1
version/ibm maximo asset management/7.1.1.1
version/ibm maximo asset management/7.1.1.2
version/ibm maximo asset management/7.1.1.3
version/ibm maximo asset management/7.1.1.5
version/ibm maximo asset management/7.1.1.6
version/ibm maximo asset management/7.1.1.7
version/ibm maximo asset management/7.1.1.8
version/ibm maximo asset management/7.1.1.9
version/ibm maximo asset management/7.1.1.10
version/ibm maximo asset management/7.1.1.11
version/ibm maximo asset management/7.1.1.12
version/ibm maximo asset management/7.1.2
version/ibm maximo asset management/7.5.0.0
version/ibm maximo asset management/7.5.0.1
version/ibm maximo asset management/7.5.0.2
version/ibm maximo asset management/7.5.0.3
version/ibm maximo asset management/7.5.0.4
version/ibm maximo asset management/7.5.0.5
version/ibm maximo asset management/7.5.0.6
version/ibm maximo asset management/7.5.0.7
version/ibm maximo asset management/7.5.0.8
version/ibm maximo asset management/7.5.0.9
version/ibm maximo asset management/7.5.0.10
version/ibm maximo asset management/7.6
version/ibm maximo asset management/7.6.0.0
version/ibm maximo asset management/7.6.0.1
version/ibm maximo asset management/7.6.0.2
version/ibm maximo asset management/7.6.0.3
version/ibm maximo asset management/7.6.0.4
version/ibm maximo asset management/7.6.0.5