Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm maximo asset management 7.6.0.1 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2019-4582
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 167...
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.6.0.1
8.2
CVSSv3
CVE-2020-4463
IBM Maximo Asset Management 7.6.0.1 and 7.6.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 181484.
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.2
1 Github repository
5.4
CVSSv3
CVE-2021-29744
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
Ibm Maximo Application Suite 8.4
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.6.0.1
5.4
CVSSv3
CVE-2016-5905
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 prior to 7.5.0.10 IF3 and 7.6 prior to 7.6.0.5 IF2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Maximo Asset Management 7.5.0.0
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.3
Ibm Maximo Asset Management 7.5.0.5
Ibm Maximo Asset Management 7.5.0.6
Ibm Maximo Asset Management 7.5.0.7
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo Asset Management 7.5.0.9
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.5.0.2
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.6.0.4
Ibm Maximo Asset Management 7.6.0.2
Ibm Maximo Asset Management 7.5.0.4
4.3
CVSSv3
CVE-2016-0289
shiprec.xml in the SHIPREC application in IBM Maximo Asset Management 7.1 and 7.5 prior to 7.5.0.10 and 7.6 prior to 7.6.0.4 allows remote authenticated users to bypass intended item-selection restrictions via unspecified vectors.
Ibm Maximo Asset Management 7.6.0.3
Ibm Maximo Asset Management 7.5.0.0
Ibm Maximo Asset Management 7.5
Ibm Maximo Asset Management 7.1
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo Asset Management 7.5.0.7
Ibm Maximo Asset Management 7.5.0.6
Ibm Maximo Asset Management 7.5.0.5
Ibm Maximo Asset Management 7.6.0.2
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.5.0.9
Ibm Maximo Asset Management 7.5.0.4
Ibm Maximo Asset Management 7.5.0.2
5.3
CVSSv3
CVE-2016-0393
IBM Maximo Asset Management 7.5 prior to 7.5.0.10-TIV-MBS-IFIX002 and 7.6 prior to 7.6.0.5-TIV-MAMMT-FP001 allows remote malicious users to obtain sensitive URL information by reading log files.
Ibm Maximo Asset Management 7.5.0.6
Ibm Maximo Asset Management 7.5.0.5
Ibm Maximo Asset Management 7.5.0.4
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.5.0.2
Ibm Maximo Asset Management 7.5.0.10
Ibm Maximo Asset Management 7.5.0.9
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.5.0.0
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo Asset Management 7.5.0.7
Ibm Maximo Asset Management 7.6.0.4
Ibm Maximo Asset Management 7.6.0.3
Ibm Maximo Asset Management 7.6.0.2
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.6.0.5
5.4
CVSSv3
CVE-2016-0262
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1.1 up to and including 7.1.1.3, 7.5.0 prior to 7.5.0.9 IFIX004, and 7.6.0 prior to 7.6.0.3 IFIX001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.5.0.9
Ibm Maximo Asset Management 7.5.0.2
Ibm Maximo Asset Management 7.5.0.0
Ibm Maximo Asset Management 7.6.0.3
Ibm Maximo Asset Management 7.6.0.2
Ibm Maximo Asset Management 7.1.1.3
Ibm Maximo Asset Management 7.1.1.2
Ibm Maximo Asset Management 7.1.1.1
Ibm Maximo Asset Management 7.1.1
Ibm Maximo Asset Management 7.5.0.7
Ibm Maximo Asset Management 7.5.0.6
Ibm Maximo Asset Management 7.5.0.5
Ibm Maximo Asset Management 7.5.0.4
4.3
CVSSv3
CVE-2017-1357
IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to manipulate work orders to forge emails which could be used to conduct further advanced attacks. IBM X-Force ID: 126684.
Ibm Maximo Asset Management Essentials 7.5.0.10
Ibm Maximo Asset Management Essentials 7.6.0.7
Ibm Maximo Asset Management Essentials 7.6.0.6
Ibm Maximo Asset Management Essentials 7.6.0.5
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo Asset Management 7.5.0.9
Ibm Maximo Asset Management 7.5.0.10
Ibm Maximo Asset Management 7.6.0.7
Ibm Maximo Asset Management Essentials 7.5.0.2
Ibm Maximo Asset Management Essentials 7.5.0.3
Ibm Maximo Asset Management Essentials 7.5.0.4
Ibm Maximo Asset Management Essentials 7.5.0.5
Ibm Maximo Asset Management Essentials 7.6.0.0
Ibm Maximo Asset Management 7.5.0.0
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.5.0.2
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.6.0.2
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management Essentials 7.5.0.0
Ibm Maximo Asset Management Essentials 7.5.0.7
2.9
CVSSv3
CVE-2017-1124
IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local malicious user to obtain sensitive information using HTTP Header Injection. IBM Reference #: 1998053.
Ibm Maximo Asset Management 7.1.1.1
Ibm Maximo Asset Management 7.1.1.10
Ibm Maximo Asset Management 7.1.1.11
Ibm Maximo Asset Management 7.1.1.12
Ibm Maximo Asset Management 7.5.0.10
Ibm Maximo Asset Management 7.5.0.2
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.5.0.4
Ibm Maximo Asset Management 7.6.0.4
Ibm Maximo Asset Management 7.1.1
Ibm Maximo Asset Management 7.1.1.3
Ibm Maximo Asset Management 7.1.1.6
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.3
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.5.0.5
Ibm Maximo Asset Management 7.5.0.7
Ibm Maximo Asset Management 7.6.0.5
Ibm Maximo Asset Management 7.1.1.7
Ibm Maximo Asset Management 7.1.1.8
Ibm Maximo Asset Management 7.6
Ibm Maximo Asset Management 7.6.0.0
5.3
CVSSv3
CVE-2016-5987
IBM Maximo Asset Management 7.1 up to and including 7.1.1.13, 7.5 prior to 7.5.0.10 IF4, and 7.6 prior to 7.6.0.5 IF3 allows remote malicious users to obtain sensitive information via a crafted HTTP request that triggers construction of a runtime error message.
Ibm Maximo Asset Management 7.5.0.0
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.3
Ibm Maximo Asset Management 7.5.0.4
Ibm Maximo Asset Management 7.5.0.6
Ibm Maximo Asset Management 7.1.1.12
Ibm Maximo Asset Management 7.1.1.2
Ibm Maximo Asset Management 7.1.1.9
Ibm Maximo Asset Management 7.6.0.4
Ibm Maximo Asset Management 7.1.0.0
Ibm Maximo Asset Management 7.1.1
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo Asset Management 7.5.0.9
Ibm Maximo Asset Management 7.1.1.1
Ibm Maximo Asset Management 7.1.1.10
Ibm Maximo Asset Management 7.5.0.1
Ibm Maximo Asset Management 7.5.0.10
Ibm Maximo Asset Management 7.5.0.2
Ibm Maximo Asset Management 7.5.0.3
Ibm Maximo Asset Management 7.1.1.3
Ibm Maximo Asset Management 7.1.1.5
Ibm Maximo Asset Management 7.1.1.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »