Ibm

Maximo For Government

29 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2013-3323

  • EPSS 0.53%
  • Published 18.02.2020 17:15:12
  • Last modified 21.11.2024 01:53:23

A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthori...

4.3

CVE-2015-5016

  • EPSS 0.11%
  • Published 27.03.2018 17:29:00
  • Last modified 21.11.2024 02:32:11

IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management Essentials 7.1 and 7.5; Control Desk 7.5 and 7.6; Tivoli Asset Management for IT 7.1 and 7.2; and certain other IBM products allow remote authenticated users to bypass intended ac...

6.5

CVE-2015-0107

  • EPSS 7.17%
  • Published 24.04.2017 06:59:00
  • Last modified 20.04.2025 01:37:25

IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX...

8.8

CVE-2015-0104

  • EPSS 2.04%
  • Published 24.04.2017 06:59:00
  • Last modified 20.04.2025 01:37:25

IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX...

6.1

CVE-2016-5902

  • EPSS 0.32%
  • Published 08.02.2017 22:59:00
  • Last modified 20.04.2025 01:37:25

IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a truste...

4.3

CVE-2016-0222

  • EPSS 0.11%
  • Published 14.03.2016 01:59:01
  • Last modified 12.04.2025 10:46:40

IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote authenticated users to bypass intended access restrictions and read arbitrary purchase-order work logs via unspecified vectors.

6.5

CVE-2015-7448

  • EPSS 0.13%
  • Published 12.03.2016 15:59:01
  • Last modified 12.04.2025 10:46:40

SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX003, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 IFIX003, 7.5.1, and 7.6.0 before 7.6.0.3 IFIX001 for SmartCl...

4.9

CVE-2015-7487

  • EPSS 0.05%
  • Published 27.01.2016 05:59:01
  • Last modified 12.04.2025 10:46:40

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX002, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 IFIX002, 7.5.1, and 7.6.0 before 7.6.0.3 IFIX001 for SmartCloud Control Desk; and Maximo As...

4.3

CVE-2015-5051

  • EPSS 0.14%
  • Published 03.01.2016 05:59:09
  • Last modified 12.04.2025 10:46:40

IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.2 IF1 for SmartCloud Control Desk allow remote authenticated users to bypass intended access...

5.5

CVE-2015-5017

  • EPSS 0.11%
  • Published 03.01.2016 05:59:03
  • Last modified 12.04.2025 10:46:40

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before 7.6.0.2 IFIX002; Maximo Asset Management 7.5.0 before 7.5.0.8 IFIX005, 7.5.1, and 7.6.0 before 7.6.0.2 IFIX002 for SmartCloud Control Desk; and Maximo As...