CVE-2016-0393

MEDIUM

IBM Maximo Asset Management <7.5.0.10-TIV-MBS-IFIX002, <7.6.0.5-TIV...

Title source: llm

Description

IBM Maximo Asset Management 7.5 before 7.5.0.10-TIV-MBS-IFIX002 and 7.6 before 7.6.0.5-TIV-MAMMT-FP001 allows remote attackers to obtain sensitive URL information by reading log files.

References (2)

[Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=swg21986053

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/91744

Scores

CVSS v3 5.3

EPSS 0.0021

EPSS Percentile 42.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-200

Status draft

Affected Products (17)

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

ibm/maximo_asset_management

... and 2 more

Timeline

Published Jul 17, 2016

Tracked Since Feb 18, 2026