Ibm

Smartcloud Control Desk

65 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2013-5465

  • EPSS 0.39%
  • Veröffentlicht 26.05.2014 16:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336, 7.5.x before 7.5.0.3 IFIX027, and 7.5.0.4 before IFIX011; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1...

6.5

CVE-2013-4016

  • EPSS 0.31%
  • Veröffentlicht 26.05.2014 16:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SQL injection vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336, 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 before IFIX011, and 7.5.0.5 before IFIX00...

3.5

CVE-2013-5460

  • EPSS 0.16%
  • Veröffentlicht 26.05.2014 16:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to bypass intended access restrictions, and read communication logs associated with unrelated re...

6

CVE-2013-5464

  • EPSS 0.22%
  • Veröffentlicht 26.05.2014 16:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM Maximo Asset Management 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 before IFIX011, and 7.5.0.5 before IFIX006 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to bypass intended access restrict...

3.5

CVE-2013-2998

  • EPSS 0.18%
  • Veröffentlicht 26.05.2014 11:14:51
  • Zuletzt bearbeitet 12.04.2025 10:46:40

frontcontroller.jsp in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote authenticated users to obtain sensitive information via an invalid action_code.

4.3

CVE-2012-3333

  • EPSS 0.25%
  • Veröffentlicht 26.05.2014 11:14:51
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CRLF injection vulnerability in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting atta...

3.5

CVE-2013-5402

  • EPSS 0.18%
  • Veröffentlicht 18.12.2013 16:04:33
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management, Maximo Asset Management Essentials, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for ...

6.5

CVE-2012-6357

  • EPSS 0.22%
  • Veröffentlicht 20.02.2013 12:09:22
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges and bypass intended restrictions on asset-lookup operations via unspecified vectors.

6.5

CVE-2012-6355

  • EPSS 0.39%
  • Veröffentlicht 20.02.2013 12:09:22
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management ...

6.5

CVE-2012-6356

  • EPSS 0.39%
  • Veröffentlicht 20.02.2013 12:09:22
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges via vectors related to an import operation.