Lucene search

Maximo Security Vulnerabilities

cve

CVE-2008-3161

Multiple cross-site scripting (XSS) vulnerabilities in jsp/common/system/debug.jsp in IBM Maximo 4.1 and 5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Accept, (2) Accept-Language, (3) UA-CPU, (4) Accept-Encoding, (5) User-Agent, or (6) Cookie HTTP header. NOTE: the p...

5.6AI Score

0.002EPSS

2008-07-14 06:41 PM

cve

CVE-2022-35281

IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection. IBM X-Force ID: 2306335.

8.8CVSS

8.4AI Score

0.002EPSS

2023-01-09 08:15 AM

cve

CVE-2022-41732

IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 237407.

6.2CVSS

5.1AI Score

0.0004EPSS

2022-11-28 05:15 PM