Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm maximo asset management vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-4591
IBM Maximo Asset Management 7.6.0 and 7.6.1 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 167451.
Ibm Maximo Asset Management
7.5
CVSSv3
CVE-2022-41734
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 237587.
Ibm Maximo Application Suite 8.4
Ibm Maximo Asset Management 7.6.1.2
Ibm Maximo Asset Management 7.6.1.3
Ibm Maximo Application Suite 8.5
7.5
CVSSv3
CVE-2021-38924
IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 210163.
Ibm Maximo Asset Management 7.6.1.1
Ibm Maximo Asset Management 7.6.1.2
Ibm Maximo Application Suite 8.7
Ibm Maximo Application Suite 8.8
7.5
CVSSv3
CVE-2021-38935
IBM Maximo Asset Management 7.6.1.2 does not require that users should have strong passwords by default, which makes it easier for malicious users to compromise user accounts. IBM X-Force ID: 210892.
Ibm Maximo Asset Management 7.6.1.2
7.5
CVSSv3
CVE-2019-4430
IBM Maximo Asset Management 7.6 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 162887.
Ibm Maximo Asset Management 7.6
7.4
CVSSv3
CVE-2020-4529
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to server side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID:...
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.6.1.0
7.2
CVSSv3
CVE-2021-29854
IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which wi...
Ibm Maximo Asset Management 7.6.1.1
Ibm Maximo Asset Management 7.6.1.2
Ibm Maximo Application Suite 8.7
6.5
CVSSv3
CVE-2019-4478
IBM Maximo Asset Management 7.6.0, and 7.6.1 could allow an authenticated user to obtain highly sensitive information that they should not normally have access to. IBM X-Force ID: 163998.
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.6.1
Ibm Maximo Asset Management 7.6.1.1
6.5
CVSSv3
CVE-2019-4530
IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow an authenticated user to delete a record that they should not normally be able to. IBM X-Force ID: 165586.
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.6.1
Ibm Maximo Asset Management 7.6.1.1
6.5
CVSSv3
CVE-2018-2028
IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with a phishing site which could allow the malicious user to obtain highly sensitive information. IBM X-Force ID: 155554.
Ibm Maximo For Life Sciences 7.6
Ibm Smartcloud Control Desk -
Ibm Tivoli Integration Composer -
Ibm Maximo For Aviation 7.6
Ibm Maximo Asset Management 7.6
Ibm Maximo For Utilities 7.6
Ibm Maximo For Aviation 7.6.2.1
Ibm Maximo For Transportation 7.6.2.1
Ibm Maximo For Transportation 7.6.2.2
Ibm Maximo For Transportation 7.6.2.3
Ibm Maximo For Transportation 7.6.2.4
Ibm Maximo For Aviation 7.6.1
Ibm Maximo For Aviation 7.6.2
Ibm Maximo For Aviation 7.6.3
Ibm Maximo For Transportation 7.6.2
Ibm Maximo For Transportation 7.6.1
Ibm Maximo For Oil And Gas 7.6.0
Ibm Maximo For Nuclear Power 7.6.0
Ibm Control Desk 7.6.0.1
Ibm Control Desk 7.6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »