Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Open redirect vulnerability in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the uisessionid parameter to an unspecified component.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Maximo Asset Management ‘uisessionid参数’开放重定向漏洞
Vulnerability Description
IBM Maximo Asset Management软件为所有资产类型提供综合性资产生命周期和维护管理。 IBM Maximo Asset Management和Asset Management Essentials 6.2版本、7.1版本和7.5版本中存在开放重定向漏洞。远程认证用户可利用该漏洞借助传入未明组件的uisessionid参数,重定向用户至任意网站进而执行钓鱼攻击。
CVSS Information
N/A
Vulnerability Type
N/A