CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-1601

MRO Maximo Self Service 4 and 5 stores certain information under the web document root using file extensions that are not processed by Tomcat, which allows remote attackers to obtain sensitive information via a direct request for the file, such as MXServer.properties.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.7%

CVSS Severity

CVSS v2 Score 5.0

References

http://secunia.com/advisories/15176
http://www.osvdb.org/16161
http://www.securityfocus.com/archive/1/397522
http://www.securityfocus.com/bid/13508
https://exchange.xforce.ibmcloud.com/vulnerabilities/20452
http://secunia.com/advisories/15176
http://www.osvdb.org/16161
http://www.securityfocus.com/archive/1/397522
http://www.securityfocus.com/bid/13508
https://exchange.xforce.ibmcloud.com/vulnerabilities/20452

Products affected by CVE-2005-1601

Mro Software » Maximo Self Service » Version: 4.0

cpe:2.3:a:mro_software:maximo_self_service:4.0
Mro Software » Maximo Self Service » Version: 5.0

cpe:2.3:a:mro_software:maximo_self_service:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-1601

Products

Pricing

Contact Us