Ibm

Maximo Asset Management

182 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2022-35714

  • EPSS 0.38%
  • Published 26.08.2022 18:15:09
  • Last modified 21.11.2024 07:11:32

IBM Maximo Asset Management 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...

7.2

CVE-2021-29854

  • EPSS 0.06%
  • Published 03.05.2022 19:15:07
  • Last modified 21.11.2024 06:01:55

IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inj...

5.4

CVE-2022-22435

  • EPSS 0.22%
  • Published 21.04.2022 17:15:08
  • Last modified 21.11.2024 06:46:47

IBM Maximo Asset Management 7.6.1.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within ...

5.4

CVE-2022-22436

  • EPSS 0.22%
  • Published 21.04.2022 17:15:08
  • Last modified 21.11.2024 06:46:47

IBM Maximo Asset Management 7.6.1.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within ...

7.5

CVE-2021-38935

  • EPSS 0.18%
  • Published 18.02.2022 18:15:09
  • Last modified 21.11.2024 06:18:14

IBM Maximo Asset Management 7.6.1.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 210892.

5.4

CVE-2021-29743

  • EPSS 0.15%
  • Published 30.08.2021 17:15:07
  • Last modified 21.11.2024 06:01:43

IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials dis...

5.4

CVE-2021-29744

  • EPSS 0.16%
  • Published 27.08.2021 16:15:07
  • Last modified 21.11.2024 06:01:43

IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...

10

CVE-2021-20509

  • EPSS 0.76%
  • Published 12.08.2021 16:15:10
  • Last modified 21.11.2024 05:46:41

IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 198243.

5.4

CVE-2021-20374

  • EPSS 0.21%
  • Published 19.05.2021 20:15:07
  • Last modified 21.11.2024 05:46:29

IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials dis...

9.8

CVE-2020-4493

  • EPSS 0.62%
  • Published 05.10.2020 14:15:13
  • Last modified 21.11.2024 05:32:48

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow an attacker to bypass authentication and issue commands using a specially crafted HTTP command. IBM X-Force ID: 181995.