CVE-2019-4745
First published: Fri Feb 21 2020(Updated: )
IBM Maximo Asset Management 7.6.1.0 could allow a remote attacker to disclose sensitive information to an authenticated user due to disclosing path information in the URL. IBM X-Force ID: 172883.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Maximo Asset Management | =7.6.1.0 | |
| Ibm Maximo For Aviation | =7.6.6 | |
| Ibm Maximo For Aviation | =7.6.7 | |
| Ibm Maximo For Aviation | =7.6.8 | |
| Ibm Maximo For Life Sciences | =7.6 | |
| Ibm Maximo For Nuclear Power | =7.6.1 | |
| Ibm Maximo For Oil And Gas | =7.6.1 | |
| Ibm Maximo For Transportation | =7.6.2.3 | |
| Ibm Maximo For Transportation | =7.6.2.4 | |
| Ibm Maximo For Transportation | =7.6.2.5 | |
| Ibm Maximo For Utilities | =7.6.0.1 | |
| Ibm Maximo For Utilities | =7.6.0.2 | |
| <=7.6.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-4745.
What is the severity level of CVE-2019-4745?
CVE-2019-4745 has a severity level of 4.3 (medium).
How does CVE-2019-4745 affect IBM Maximo Asset Management?
CVE-2019-4745 affects IBM Maximo Asset Management version 7.6.1.0.
How can a remote attacker exploit CVE-2019-4745?
A remote attacker can exploit CVE-2019-4745 by disclosing path information in the URL, which allows them to access sensitive information.
Is there a fix available for CVE-2019-4745?
Yes, IBM has provided a fix for CVE-2019-4745. Please refer to the IBM support page for more information.
- collector/nvd-index
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/author
- agent/weakness
- agent/severity
- agent/description
- agent/softwarecombine
- agent/tags
- agent/event
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm maximo asset management
- version/ibm maximo asset management/7.6.1.0
- canonical/ibm maximo for aviation
- version/ibm maximo for aviation/7.6.6
- version/ibm maximo for aviation/7.6.7
- version/ibm maximo for aviation/7.6.8
- canonical/ibm maximo for life sciences
- version/ibm maximo for life sciences/7.6
- canonical/ibm maximo for nuclear power
- version/ibm maximo for nuclear power/7.6.1
- canonical/ibm maximo for oil and gas
- version/ibm maximo for oil and gas/7.6.1
- canonical/ibm maximo for transportation
- version/ibm maximo for transportation/7.6.2.3
- version/ibm maximo for transportation/7.6.2.4
- version/ibm maximo for transportation/7.6.2.5
- canonical/ibm maximo for utilities
- version/ibm maximo for utilities/7.6.0.1
- version/ibm maximo for utilities/7.6.0.2