5.3
CVE-2023-27860
- EPSS 0.16%
- Veröffentlicht 27.04.2023 19:15:20
- Zuletzt bearbeitet 21.11.2024 07:53:35
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM Maximo Asset Management information disclosure
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error message. This information could be used in further attacks against the system. IBM X-Force ID: 249207.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Maximo Asset Management Version7.6.1.2
Ibm ≫ Maximo Asset Management Version7.6.1.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.367 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| psirt@us.ibm.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-209 Generation of Error Message Containing Sensitive Information
The product generates an error message that includes sensitive information about its environment, users, or associated data.