CVE-2015-1951
IBM Maximo Asset Management 7.1-7.1.1.13, 7.5.0-7.5.0.8, 7.6.0-7.6.0.0 - Sensitive Info Exposure via HTTPS Caching
Title source: llmDescription
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75340
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21959613
Scores
EPSS
0.0033
EPSS Percentile
24.8%
Details
CWE
CWE-200
Status
published
Products (23)
ibm/maximo_asset_management
7.1
ibm/maximo_asset_management
7.1.1
ibm/maximo_asset_management
7.1.1.1
ibm/maximo_asset_management
7.1.1.2
ibm/maximo_asset_management
7.1.1.5
ibm/maximo_asset_management
7.1.1.6
ibm/maximo_asset_management
7.1.1.7
ibm/maximo_asset_management
7.1.1.8
ibm/maximo_asset_management
7.1.1.9
ibm/maximo_asset_management
7.1.1.10
... and 13 more
Published
Jul 01, 2015
Tracked Since
Feb 18, 2026