Vulnerabilities > CVE-2005-1601 - Unspecified vulnerability in MRO Software Maximo Self Service 4.0/5.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
MRO Maximo Self Service 4 and 5 stores certain information under the web document root using file extensions that are not processed by Tomcat, which allows remote attackers to obtain sensitive information via a direct request for the file, such as MXServer.properties.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |