50 matches found
Security Bulletin: There is a vulnerability in commons-lang3-3.4.jar used by IBM Maximo Asset Management application (CVE-2025-48924)
Summary There is a vulnerability in commons-lang3-3.4.jarused by IBM Maximo Asset Management application CVE-2025-48924 Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...
CVE-2024-22333
IBM Maximo Asset Management 7.6.1.3 and IBM Maximo Application Suite 8.10 and 8.11 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 279973...
Security Bulletin: IBM Maximo Asset Management application is vulnerable to unrestricted file upload( CVE-2024-45088)
Summary IBM Maximo Asset Management is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
IBM Maximo Asset Management 跨站脚本漏洞
IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from International Business Machines IBM. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control for...
Security Bulletin: There is a vulnerability in GraphQL Java used by IBM Maximo Asset Management application (CVE-2024-40094)
Summary There is a vulnerability in GraphQL Java used by IBM Maximo Asset Management application CVE-2024-40094 Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java aka graphql-java is vulnerable to a denial of service, caused by the failure to properly consider...
Security Bulletin: Maximo Asset Management- A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2024-45072)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2024-45073)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...
PT-2025-2682 · Ibm +1 · Ibm Maximo Asset Management +1
Name of the Vulnerable Software and Affected Versions: IBM Maximo Asset Management version 7.6.1.3 Description: The issue concerns an unrestricted file upload vulnerability in the MXAPIASSET API. This vulnerability allows an authenticated low-privileged user to upload restricted file types by...
IBM Maximo Asset Management Cross-Site Scripting Vulnerability (CNVD-2024-45434)
IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from International Business Machines IBM. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control for...
CVE-2024-45088 IBM Maximo Asset Management cross-site scripting
IBM Maximo Asset Management 7.6.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
IBM Maximo Asset Management 跨站脚本漏洞
IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from International Business Machines IBM. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control for...
Security Bulletin: There is a vulnerability in plotly.js used by IBM Maximo Asset Management application (CVE-2023-46308)
Summary There is a vulnerability in plotly.js used by IBM Maximo Asset Management application CVE-2023-46308 Vulnerability Details CVEID:CVE-2023-46308 DESCRIPTION: Plotly plotly.js could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the...
Security Bulletin: IBM Maximo Asset Management - A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2024-22329)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera, and...
Security Bulletin: IBM Maximo Asset Management - A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2024-37532)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera and...
Security Bulletin: IBM Maximo Asset Management - A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2023-51775)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...
Security Bulletin: IBM Maximo Asset Management - A security vulnerability has been identified in IBM WebSphere Application Server shipped with Maximo Asset and Service Management (CVE-2024-35153)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...
IBM Maximo Application Suite Cross-Site Scripting Vulnerability
IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Maximo Application Suite version 7.6.1.3, which stems...
CVE-2024-27266
CVE-2024-27266 affects IBM Maximo Application Suite in the Maximo Asset Management/Manage component (example: MAS 7.6.1.3). The vulnerability is XML External Entity (XXE) processing, enabling a remote attacker to disclose sensitive data or consume memory resources. IBM and Red Hat/IBM bulletin re...
CVE-2023-38723
IBM Maximo Application Suite (CVE-2023-38723) is reported as a stored cross-site scripting vulnerability affecting the Maximo Manage component. The IBM Security Bulletin lists affected MAS versions: MAS Manage 8.10.0–8.6.0 and MAS Manage 8.11.0–8.6.0, with fixed releases recommended as MAS 8.10.7...
Security Bulletin: IBM Maximo Asset Management is vulnerable to cross-site scripting (CVE-2023-38723)
Summary IBM Maximo Asset Management is vulnerable to cross-site scripting. Vulnerability Details CVEID:CVE-2023-38723 DESCRIPTION: IBM Maximo Application Suite is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus...