{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T21:17:31.582","vulnerabilities":[{"cve":{"id":"CVE-2017-1291","sourceIdentifier":"psirt@us.ibm.com","published":"2017-05-26T16:29:00.163","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning, cross-site scripting, and possibly obtain sensitive information. IBM X-Force ID: 125152."},{"lang":"es","value":"Maximo Asset Management versiones 7.5 y 7.6 de IBM, es vulnerable a ataques de división de respuestas HTTP. Un atacante remoto podría explotar esta vulnerabilidad usando una URL especialmente diseñada para causar que el servidor devuelva una respuesta dividida, una vez que se haga clic en la URL. Esto permitiría al atacante realizar nuevos ataques, como envenenamiento de caché web, cross-Site scripting y, posiblemente, obtener información confidencial. ID de IBM X-Force: 125152."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:maximo_asset_management:7.5:*:*:*:*:*:*:*","matchCriteriaId":"1AEBAE48-FFD0-4837-AB3B-F6C31B1AC8D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:maximo_asset_management:7.6:*:*:*:*:*:*:*","matchCriteriaId":"58B773C7-9386-4704-B85F-748578DBC242"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:maximo_asset_management_essentials:7.5:*:*:*:*:*:*:*","matchCriteriaId":"598EAB6C-7D41-46FE-BB32-D31014CA01D6"}]}]}],"references":[{"url":"http://www.ibm.com/support/docview.wss?uid=swg22003413","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/125152","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.ibm.com/support/docview.wss?uid=swg22003413","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/125152","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}