Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm maximo asset management vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-27864
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 249327.
Ibm Maximo Asset Management 7.6.1.2
Ibm Maximo Asset Management 7.6.1.3
5.4
CVSSv3
CVE-2021-20374
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...
Ibm Maximo Asset Management 7.6.1
Ibm Maximo Asset Management 7.6.0
5.4
CVSSv3
CVE-2022-43866
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
Ibm Maximo Asset Management 7.6.1.2
Ibm Maximo Asset Management 7.6.1.3
5.4
CVSSv3
CVE-2020-4223
IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
Ibm Maximo Asset Management 7.6.1.1
Ibm Maximo Asset Management 7.6.0.10
5.5
CVSSv3
CVE-2017-1352
IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538.
Ibm Maximo Asset Management 7.5
Ibm Maximo Asset Management 7.6
8.8
CVSSv3
CVE-2016-9984
IBM Maximo Asset Management 7.5 and 7.6 could allow a remote authenticated malicious user to execute arbitrary commands on the system as administrator. IBM X-Force ID: 120276.
Ibm Maximo Asset Management 7.5
Ibm Maximo Asset Management 7.6
8.2
CVSSv3
CVE-2020-4463
IBM Maximo Asset Management 7.6.0.1 and 7.6.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 181484.
Ibm Maximo Asset Management 7.6.0.1
Ibm Maximo Asset Management 7.6.0.2
1 Github repository
7.4
CVSSv3
CVE-2020-4529
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to server side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID:...
Ibm Maximo Asset Management 7.6.0.0
Ibm Maximo Asset Management 7.6.1.0
NA
CVE-2015-4967
SQL injection vulnerability in IBM Maximo Asset Management 7.1 up to and including 7.1.1.13, 7.5.0 prior to 7.5.0.8 IFIX004, and 7.6.0 prior to 7.6.0.1 IFIX002; Maximo Asset Management 7.5.x prior to 7.5.0.8 IFIX004 and 7.6.0 prior to 7.6.0.1 IFIX002 for SmartCloud Control Desk; ...
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo For Nuclear Power 7.5.0.2
Ibm Maximo Asset Management 7.1.1.13
Ibm Maximo Asset Management 7.5.0.5
Ibm Maximo For Utilities 7.5.0.4
Ibm Maximo Asset Management 7.1.1.5
Ibm Maximo For Utilities 7.1
Ibm Maximo For Life Sciences 7.5.0.0
Ibm Maximo Asset Management 7.1.1.7
Ibm Maximo For Life Sciences 7.5.0.3
Ibm Maximo For Nuclear Power 7.1
Ibm Maximo For Oil And Gas 7.5.0.0
Ibm Maximo For Transportation 7.5.0.3
Ibm Maximo For Government 7.5.0.2
Ibm Maximo For Transportation 7.5.0.0
Ibm Maximo Asset Management 7.1.1.10
Ibm Maximo For Life Sciences 7.5.0.1
Ibm Maximo Asset Management 7.1.1.8
Ibm Maximo For Utilities 7.5.0.1
Ibm Maximo Asset Management 7.5.0.4
Ibm Smartcloud Control Desk 7.5
Ibm Maximo Asset Management 7.1.1.12
NA
CVE-2015-4965
maximouiweb/webmodule/webclient/utility/merlin.jsp in IBM Maximo Asset Management 7.1 up to and including 7.1.1.13, 7.5.0 prior to 7.5.0.8 IFIX004, and 7.6.0 prior to 7.6.0.1 IFIX002; Maximo Asset Management 7.5.x prior to 7.5.0.8 IFIX004 and 7.6.0 prior to 7.6.0.1 IFIX002 for Sm...
Ibm Maximo Asset Management 7.5.0.8
Ibm Maximo For Nuclear Power 7.5.0.2
Ibm Maximo Asset Management 7.1.1.13
Ibm Maximo Asset Management 7.5.0.5
Ibm Maximo For Utilities 7.5.0.4
Ibm Maximo Asset Management 7.1.1.5
Ibm Maximo For Utilities 7.1
Ibm Maximo For Life Sciences 7.5.0.0
Ibm Maximo Asset Management 7.1.1.7
Ibm Maximo For Life Sciences 7.5.0.3
Ibm Maximo For Nuclear Power 7.1
Ibm Maximo For Oil And Gas 7.5.0.0
Ibm Maximo For Transportation 7.5.0.3
Ibm Maximo For Government 7.5.0.2
Ibm Maximo For Transportation 7.5.0.0
Ibm Maximo Asset Management 7.1.1.10
Ibm Maximo For Life Sciences 7.5.0.1
Ibm Maximo Asset Management 7.1.1.8
Ibm Maximo For Utilities 7.5.0.1
Ibm Maximo Asset Management 7.5.0.4
Ibm Smartcloud Control Desk 7.5
Ibm Maximo Asset Management 7.1.1.12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »