CVE-2019-4303
- EPSS 0.23%
- Published 19.06.2019 14:15:10
- Last modified 21.11.2024 04:43:26
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a tr...
CVE-2018-2028
- EPSS 0.08%
- Published 06.06.2019 01:29:00
- Last modified 21.11.2024 04:03:36
IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with a phishing site which could allow the attacker to obtain highly sensitive information. IBM X-Force ID: 155554.
CVE-2019-4048
- EPSS 0.08%
- Published 06.06.2019 01:29:00
- Last modified 21.11.2024 04:43:05
IBM Maximo Asset Management 7.6 could allow a physical user of the system to obtain sensitive information from a previous user of the same machine. IBM X-Force ID: 156311.
CVE-2019-4056
- EPSS 0.2%
- Published 06.06.2019 01:29:00
- Last modified 21.11.2024 04:43:05
IBM Maximo Asset Management 7.6 Work Centers' application does not validate file type upon upload, allowing attackers to upload malicious files. IBM X-Force ID: 156565.
CVE-2015-5016
- EPSS 0.11%
- Published 27.03.2018 17:29:00
- Last modified 21.11.2024 02:32:11
IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management Essentials 7.1 and 7.5; Control Desk 7.5 and 7.6; Tivoli Asset Management for IT 7.1 and 7.2; and certain other IBM products allow remote authenticated users to bypass intended ac...