IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local attacker to obtain sensitive information using HTTP Header Injection. Rated low severity (CVSS 2.9), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
IBM
Information Disclosure
Maximo Asset Management
NVD
CVSS 3.0
2.9
EPSS
0.0%