Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm maximo asset management 7.6.0.2 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2020-4463
IBM Maximo Asset Management 7.6.0.1 and 7.6.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 181484.
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.2
1 Github repository
3.5
CVSSv2
CVE-2016-5905
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 prior to 7.5.0.10 IF3 and 7.6 prior to 7.6.0.5 IF2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Maximo Asset Management 7.5.0.0
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.3
Ibm Maximo Asset Management 7.5.0.5
Ibm Maximo Asset Management 7.5.0.6
Ibm Maximo Asset Management 7.5.0.7
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo Asset Management 7.5.0.9
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.5.0.2
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.6.0.4
Ibm Maximo Asset Management 7.6.0.2
Ibm Maximo Asset Management 7.5.0.4
4
CVSSv2
CVE-2016-0289
shiprec.xml in the SHIPREC application in IBM Maximo Asset Management 7.1 and 7.5 prior to 7.5.0.10 and 7.6 prior to 7.6.0.4 allows remote authenticated users to bypass intended item-selection restrictions via unspecified vectors.
Ibm Maximo Asset Management 7.6.0.3
Ibm Maximo Asset Management 7.5.0.0
Ibm Maximo Asset Management 7.5
Ibm Maximo Asset Management 7.1
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo Asset Management 7.5.0.7
Ibm Maximo Asset Management 7.5.0.6
Ibm Maximo Asset Management 7.5.0.5
Ibm Maximo Asset Management 7.6.0.2
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.5.0.9
Ibm Maximo Asset Management 7.5.0.4
Ibm Maximo Asset Management 7.5.0.2
5
CVSSv2
CVE-2016-0393
IBM Maximo Asset Management 7.5 prior to 7.5.0.10-TIV-MBS-IFIX002 and 7.6 prior to 7.6.0.5-TIV-MAMMT-FP001 allows remote malicious users to obtain sensitive URL information by reading log files.
Ibm Maximo Asset Management 7.5.0.6
Ibm Maximo Asset Management 7.5.0.5
Ibm Maximo Asset Management 7.5.0.4
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.5.0.2
Ibm Maximo Asset Management 7.5.0.10
Ibm Maximo Asset Management 7.5.0.9
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.5.0.0
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo Asset Management 7.5.0.7
Ibm Maximo Asset Management 7.6.0.4
Ibm Maximo Asset Management 7.6.0.3
Ibm Maximo Asset Management 7.6.0.2
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.6.0.5
3.5
CVSSv2
CVE-2016-0262
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1.1 up to and including 7.1.1.3, 7.5.0 prior to 7.5.0.9 IFIX004, and 7.6.0 prior to 7.6.0.3 IFIX001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.5.0.9
Ibm Maximo Asset Management 7.5.0.2
Ibm Maximo Asset Management 7.5.0.0
Ibm Maximo Asset Management 7.6.0.3
Ibm Maximo Asset Management 7.6.0.2
Ibm Maximo Asset Management 7.1.1.3
Ibm Maximo Asset Management 7.1.1.2
Ibm Maximo Asset Management 7.1.1.1
Ibm Maximo Asset Management 7.1.1
Ibm Maximo Asset Management 7.5.0.7
Ibm Maximo Asset Management 7.5.0.6
Ibm Maximo Asset Management 7.5.0.5
Ibm Maximo Asset Management 7.5.0.4
4
CVSSv2
CVE-2017-1357
IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to manipulate work orders to forge emails which could be used to conduct further advanced attacks. IBM X-Force ID: 126684.
Ibm Maximo Asset Management Essentials 7.5.0.10
Ibm Maximo Asset Management Essentials 7.6.0.7
Ibm Maximo Asset Management Essentials 7.6.0.6
Ibm Maximo Asset Management Essentials 7.6.0.5
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo Asset Management 7.5.0.9
Ibm Maximo Asset Management 7.5.0.10
Ibm Maximo Asset Management 7.6.0.7
Ibm Maximo Asset Management Essentials 7.5.0.2
Ibm Maximo Asset Management Essentials 7.5.0.3
Ibm Maximo Asset Management Essentials 7.5.0.4
Ibm Maximo Asset Management Essentials 7.5.0.5
Ibm Maximo Asset Management Essentials 7.6.0.0
Ibm Maximo Asset Management 7.5.0.0
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.5.0.2
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.6.0.2
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management Essentials 7.5.0.0
Ibm Maximo Asset Management Essentials 7.5.0.7
1.9
CVSSv2
CVE-2017-1124
IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local malicious user to obtain sensitive information using HTTP Header Injection. IBM Reference #: 1998053.
Ibm Maximo Asset Management 7.1.1.1
Ibm Maximo Asset Management 7.1.1.10
Ibm Maximo Asset Management 7.1.1.11
Ibm Maximo Asset Management 7.1.1.12
Ibm Maximo Asset Management 7.5.0.10
Ibm Maximo Asset Management 7.5.0.2
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.5.0.4
Ibm Maximo Asset Management 7.6.0.4
Ibm Maximo Asset Management 7.1.1
Ibm Maximo Asset Management 7.1.1.3
Ibm Maximo Asset Management 7.1.1.6
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.3
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.5.0.5
Ibm Maximo Asset Management 7.5.0.7
Ibm Maximo Asset Management 7.6.0.5
Ibm Maximo Asset Management 7.1.1.7
Ibm Maximo Asset Management 7.1.1.8
Ibm Maximo Asset Management 7.6
Ibm Maximo Asset Management 7.6.0.0
5
CVSSv2
CVE-2016-5987
IBM Maximo Asset Management 7.1 up to and including 7.1.1.13, 7.5 prior to 7.5.0.10 IF4, and 7.6 prior to 7.6.0.5 IF3 allows remote malicious users to obtain sensitive information via a crafted HTTP request that triggers construction of a runtime error message.
Ibm Maximo Asset Management 7.5.0.0
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.3
Ibm Maximo Asset Management 7.5.0.4
Ibm Maximo Asset Management 7.5.0.6
Ibm Maximo Asset Management 7.1.1.12
Ibm Maximo Asset Management 7.1.1.2
Ibm Maximo Asset Management 7.1.1.9
Ibm Maximo Asset Management 7.6.0.4
Ibm Maximo Asset Management 7.1.0.0
Ibm Maximo Asset Management 7.1.1
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo Asset Management 7.5.0.9
Ibm Maximo Asset Management 7.1.1.1
Ibm Maximo Asset Management 7.1.1.10
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.5.0.10
Ibm Maximo Asset Management 7.5.0.2
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.1.1.3
Ibm Maximo Asset Management 7.1.1.5
Ibm Maximo Asset Management 7.1.1.6
3.5
CVSSv2
CVE-2019-4749
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
Ibm Control Desk 7.6.1
Ibm Control Desk 7.6.1.1
Ibm Maximo Asset Configuration Manager 7.6.6
Ibm Maximo Asset Configuration Manager 7.6.7
Ibm Maximo Asset Configuration Manager 7.6.7.1
Ibm Maximo Asset Health Insights 7.6.1
Ibm Maximo Asset Health Insights 7.6.1.1
Ibm Maximo Asset Management 7.6.1.1
Ibm Maximo Asset Management Scheduler 7.6.7
Ibm Maximo Asset Management Scheduler 7.6.7.1
Ibm Maximo Asset Management Scheduler 7.6.7.3
Ibm Maximo Asset Management Scheduler Plus 7.6.7
Ibm Maximo Asset Management Scheduler Plus 7.6.7.1
Ibm Maximo Asset Management Scheduler Plus 7.6.7.3
Ibm Maximo Calibration 7.6
Ibm Maximo Enterprise Adapter 7.6
Ibm Maximo Enterprise Adapter 7.6.1
Ibm Maximo Equipment Maintenance Assistant -
Ibm Maximo For Aviation 7.6.6
Ibm Maximo For Aviation 7.6.7
Ibm Maximo For Aviation 7.6.8
Ibm Maximo For Life Sciences 7.6
4.3
CVSSv2
CVE-2019-4644
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
Ibm Control Desk 7.6.1
Ibm Control Desk 7.6.1.1
Ibm Maximo Asset Configuration Manager 7.6.6
Ibm Maximo Asset Configuration Manager 7.6.7
Ibm Maximo Asset Configuration Manager 7.6.7.1
Ibm Maximo Asset Health Insights 7.6.1
Ibm Maximo Asset Health Insights 7.6.1.1
Ibm Maximo Asset Management 7.6.1.1
Ibm Maximo Asset Management Scheduler 7.6.7
Ibm Maximo Asset Management Scheduler 7.6.7.1
Ibm Maximo Asset Management Scheduler 7.6.7.3
Ibm Maximo Asset Management Scheduler Plus 7.6.7
Ibm Maximo Asset Management Scheduler Plus 7.6.7.1
Ibm Maximo Asset Management Scheduler Plus 7.6.7.3
Ibm Maximo Calibration 7.6
Ibm Maximo Enterprise Adapter 7.6
Ibm Maximo Enterprise Adapter 7.6.1
Ibm Maximo Equipment Maintenance Assistant -
Ibm Maximo For Aviation 7.6.6
Ibm Maximo For Aviation 7.6.7
Ibm Maximo For Aviation 7.6.8
Ibm Maximo For Life Sciences 7.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »