Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm maximo asset management vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2019-4583
IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 167289.
Ibm Maximo Asset Management 7.6.0.10
Ibm Maximo Asset Management 7.6.1.1
4
CVSSv2
CVE-2019-4582
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 167...
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.6.0.1
NA
CVE-2023-27864
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 249327.
Ibm Maximo Asset Management 7.6.1.2
Ibm Maximo Asset Management 7.6.1.3
3.5
CVSSv2
CVE-2021-20374
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...
Ibm Maximo Asset Management 7.6.0
Ibm Maximo Asset Management 7.6.1
NA
CVE-2022-43866
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
Ibm Maximo Asset Management 7.6.1.2
Ibm Maximo Asset Management 7.6.1.3
NA
CVE-2023-27860
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error message. This information could be used in further attacks against the system. IBM X-Force ID: 249207.
Ibm Maximo Asset Management 7.6.1.2
Ibm Maximo Asset Management 7.6.1.3
6
CVSSv2
CVE-2017-1352
IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538.
Ibm Maximo Asset Management 7.6
Ibm Maximo Asset Management 7.5
3.5
CVSSv2
CVE-2020-4223
IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
Ibm Maximo Asset Management 7.6.0.10
Ibm Maximo Asset Management 7.6.1.1
6.4
CVSSv2
CVE-2020-4463
IBM Maximo Asset Management 7.6.0.1 and 7.6.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 181484.
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.2
1 Github repository
NA
CVE-2022-35714
IBM Maximo Asset Management 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force I...
Ibm Maximo Asset Management 7.6.1.1
Ibm Maximo Asset Management 7.6.1.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »