Vulnerabilities > CVE-2005-1601 - Unspecified vulnerability in MRO Software Maximo Self Service 4.0/5.0

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mro-software

NVD

Published: 2005-05-16

Updated: 2024-11-20

Summary

MRO Maximo Self Service 4 and 5 stores certain information under the web document root using file extensions that are not processed by Tomcat, which allows remote attackers to obtain sensitive information via a direct request for the file, such as MXServer.properties.

Vulnerable Configurations

Part	Description	Count
Application	Mro_Software MRO Software Maximo Self Service 4.0 MRO Software Maximo Self Service 5.0	2

References

http://secunia.com/advisories/15176
http://secunia.com/advisories/15176
http://www.osvdb.org/16161
http://www.osvdb.org/16161
http://www.securityfocus.com/archive/1/397522
http://www.securityfocus.com/archive/1/397522
http://www.securityfocus.com/bid/13508
http://www.securityfocus.com/bid/13508
https://exchange.xforce.ibmcloud.com/vulnerabilities/20452
https://exchange.xforce.ibmcloud.com/vulnerabilities/20452