Ibm

Maximo For Utilities

45 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2019-4303

  • EPSS 0.23%
  • Published 19.06.2019 14:15:10
  • Last modified 21.11.2024 04:43:26

IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a tr...

4.3

CVE-2019-4056

  • EPSS 0.2%
  • Published 06.06.2019 01:29:00
  • Last modified 21.11.2024 04:43:05

IBM Maximo Asset Management 7.6 Work Centers' application does not validate file type upon upload, allowing attackers to upload malicious files. IBM X-Force ID: 156565.

2.1

CVE-2019-4048

  • EPSS 0.08%
  • Published 06.06.2019 01:29:00
  • Last modified 21.11.2024 04:43:05

IBM Maximo Asset Management 7.6 could allow a physical user of the system to obtain sensitive information from a previous user of the same machine. IBM X-Force ID: 156311.

6.5

CVE-2018-2028

  • EPSS 0.08%
  • Published 06.06.2019 01:29:00
  • Last modified 21.11.2024 04:03:36

IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with a phishing site which could allow the attacker to obtain highly sensitive information. IBM X-Force ID: 155554.

4.3

CVE-2018-1528

  • EPSS 0.16%
  • Published 06.08.2018 14:29:00
  • Last modified 21.11.2024 03:59:57

IBM Maximo Asset Management 7.6 through 7.6.3 could allow an authenticated user to obtain sensitive information from the WhoAmI API. IBM X-Force ID: 142290.

9

CVE-2018-1524

  • EPSS 0.39%
  • Published 03.08.2018 15:29:00
  • Last modified 21.11.2024 03:59:57

IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administrator account that a remote intruder could use to gain administrator access to the system. This vulnerability is due to an incomplete fix for CVE-2015-4966. IBM X-Force ID:...

4.3

CVE-2015-5016

  • EPSS 0.11%
  • Published 27.03.2018 17:29:00
  • Last modified 21.11.2024 02:32:11

IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management Essentials 7.1 and 7.5; Control Desk 7.5 and 7.6; Tivoli Asset Management for IT 7.1 and 7.2; and certain other IBM products allow remote authenticated users to bypass intended ac...

6.5

CVE-2015-0107

  • EPSS 7.17%
  • Published 24.04.2017 06:59:00
  • Last modified 20.04.2025 01:37:25

IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX...

8.8

CVE-2015-0104

  • EPSS 2.04%
  • Published 24.04.2017 06:59:00
  • Last modified 20.04.2025 01:37:25

IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX...

6.1

CVE-2016-5902

  • EPSS 0.32%
  • Published 08.02.2017 22:59:00
  • Last modified 20.04.2025 01:37:25

IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a truste...