IBM Maximo Asset Management contains a vulnerability that could allow a remote authenticated user to view ticket worklog entries that they should not have access to. This vulnerability could allow a local attacker to obtain sensitive information.
The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions (including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities), SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database.
Check out: IBM Help
& Contact us!