Boletines de Vulnerabilidades

IBM Security Bulletin: Security Vulnerability in IBM Maximo Asset Management (CVE-2015-1951) allows cacheable HTTPS response

Información sobre el sistema
   
Software afectado IBM

Descripción
A vulnerability in Maximo Asset Management could allow an attacker to obtain sensitive information which is stored in a local cache. The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions (including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities), SmartCloud Control Desk, Tivoli Asset Management for IT,

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_security_vulnerability_in_ibm_maximo_asset_management_cve_2015_1951_allows_cacheable_https_response?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2015-1951 ,CVE-2014-4776 ,CVE-2014-3570 ,CVE-2014-4768 ,CVE-2015-1901 and CVE-2013-2566.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-06-23

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT