CVE-2016-5896

Published: Feb 1, 2017Modified: May 13, 2026

5.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

IBM Maximo Asset Management could disclose sensitive information from a stack trace after submitting incorrect login onto Cognos browser.

Affected (6)

Products: Ibm: Maximo Asset Management, Maximo For Aviation, Maximo For Life Sciences, Maximo For Nuclear Power, Maximo For Oil And Gas, Maximo For Transportation

6 products

Maximo Asset Management

Maximo For Aviation

Maximo For Life Sciences

Maximo For Nuclear Power

Maximo For Oil And Gas

Maximo For Transportation

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Ibm Maximo Asset Management	Version 7.6
Ibm Maximo For Aviation	Version 7.6
Ibm Maximo For Life Sciences	Version 7.6
Ibm Maximo For Nuclear Power	Version 7.6
Ibm Maximo For Oil And Gas	Version 7.6
Ibm Maximo For Transportation	Version 7.6

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.ibm.com/support/docview.wss?uid=swg21987855

Source: psirt@us.ibm.com

PatchVendor Advisory

http://www.securityfocus.com/bid/93872

Source: psirt@us.ibm.com

Third Party AdvisoryVDB Entry

http://www.ibm.com/support/docview.wss?uid=swg21987855

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/93872

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.