Lucene search
+L

90 matches found

ibm
ibm
added 2018/06/17 3:3 p.m.22 views

Security Bulletin: Security Vulnerability in IBM Maximo Asset Management (CVE-2015-1951) allows cacheable HTTPS response

Summary A vulnerability in Maximo Asset Management could allow an attacker to obtain sensitive information which is stored in a local cache. The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization,...

2.1CVSS0.3AI score0.00329EPSS
Exploits0Affected Software13
ibm
ibm
added 2018/06/17 2:55 p.m.26 views

Security Bulletin: Cross-Site Scripting (XSS) and Remote Code Execution Vulnerabilities Affecting Asset and Service Management (CVE-2015-0104, CVE-2015-0107, CVE-2015-0108, CVE-2015-0109)

Summary There are cross-site scripting and remove code execution vulnerabilities in code that is used by Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

8.8CVSS0.7AI score0.06849EPSS
Exploits2Affected Software11
ibm
ibm
added 2018/06/17 2:1 p.m.41 views

Security Vulnerabilities Addressed in Asset and Service Mgmt

Abstract Security Bulletin: Security vulnerabilities in Maximo Asset Mgmt, Tivoli Asset Mgmt for IT, Tivoli Service Request Manager, Change and Configuration Mgmt Database. See Vulnerability Details for CVE IDs Content VULNERABILITY DETAILS: CVE ID: CVE-2011-1394, CVE-2011-1395, CVE-2011-1396,...

6.8CVSS6.8AI score0.02584EPSS
Exploits1Affected Software12
ptsecurity
ptsecurity
added 2018/05/23 12:0 a.m.6 views

PT-2018-17586 · Micro Focus · Hp Universal Cmdb +2

Name of the Vulnerable Software and Affected Versions: Micro Focus Universal CMDB versions 10.20 through 10.33, 11.0 Micro Focus CMS versions 4.10 through 4.15.1 Micro Focus UCMDB Browser versions 4.10 through 4.15.1 Description: The issue is related to Cross-Site Scripting XSS, which could be...

6.3CVSS5.6AI score0.00653EPSS
Exploits0References3
osv
osv
added 2018/02/22 10:29 p.m.7 views

CVE-2018-6488

Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution...

9.8CVSS5.8AI score0.01845EPSS
Exploits0References1
cve
cve
added 2017/04/24 6:12 a.m.62 views

CVE-2015-0104

CVE-2015-0104 affects IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Change and Configuration Management Database (7.2, 7.1) and Maximo Asset Management/Maximo Industry Solutions (7.1–7.1.1.8, 7.5 before 7.5.0.7 IFIX003, 7.6 before 7.6.0.0 IFIX002). The issue is a Remote C...

8.8CVSS8.6AI score0.06849EPSS
Exploits2References2Affected Software11
nessus
nessus
added 2016/07/25 12:0 a.m.143 views

HP UCMDB Server Java Deserialization RCE

The HP Universal Configuration Management Database UCMDB Server running on the remote host is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections ACC library. An unauthenticated, remote attacker can...

9.8CVSS9.7AI score0.04734EPSS
Exploits0References3
osv
osv
added 2016/06/08 2:59 p.m.5 views

CVE-2016-4367

The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors...

7.5CVSS5.8AI score0.07541EPSS
Exploits0References2
cnvd
cnvd
added 2015/12/02 12:0 a.m.9 views

Password expiration vulnerability in multiple IBM products

IBM Maximo Asset Management is a product of IBM Corporation.Maximo Asset Management and Maximo Asset Management Essentials are comprehensive asset lifecycle and maintenance management solutions.SmartCloud Control Desk SCCD is a unified asset and service management software.Tivoli IT Asset...

5.5CVSS6.4AI score0.00661EPSS
Exploits0References1
nessus
nessus
added 2015/09/22 12:0 a.m.37 views

HP Universal Configuration Management Database Server (UCMDB) Local Information Disclosure (HPSBGN03504)

The version of HP Universal Configuration Management Database Server UCMDB running on the remote web server is affected by an unspecified local information disclosure vulnerability. A local attacker can exploit this to gain access to admin or root password information. C Tenable Network Security,...

4.9CVSS5.6AI score0.00574EPSS
Exploits0References3
nessus
nessus
added 2015/03/18 12:0 a.m.96 views

HP Universal Configuration Management Database Server Authentication Bypass

The version of HP Universal Configuration Management Database Server running on the remote web server is affected by an authentication bypass vulnerability due to the JMX-Console component performing access control only for GET and POST methods. A remote attacker, using the HTTP HEAD method, can...

5CVSS5.7AI score0.37022EPSS
Exploits5References2
nessus
nessus
added 2015/03/18 12:0 a.m.28 views

HP Universal Configuration Management Database Data Flow Probe Gateway Cross-Site Tracing

The version of HP Universal Configuration Management Database Data Flow Probe Gateway running on the remote web server is affected by a cross-site tracing vulnerability. A remote attacker can exploit this to gain access to information in HTTP headers such as cookies and authentication data...

5.6AI score
Exploits0References1
attackerkb
attackerkb
added 2014/07/07 11:1 a.m.3 views

CVE-2014-2616

Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2091...

7.5CVSS6AI score0.08129EPSS
Exploits0References5
nvd
nvd
added 2014/05/26 4:55 p.m.17 views

CVE-2014-0824

Cross-site scripting XSS vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.8 LAFIX.20140319-0839 and 7.1.1.12 before IFIX.20140321-1336 and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB 7....

3.5CVSS5.3AI score0.00936EPSS
Exploits0References3
prion
prion
added 2014/05/26 4:55 p.m.18 views

Sql injection

SQL injection vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336, 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 before IFIX011, and 7.5.0.5 before IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 a...

6.5CVSS8.3AI score0.01029EPSS
Exploits0References3Affected Software7
cve
cve
added 2014/05/26 4:0 p.m.55 views

CVE-2013-6741

The CVE-2013-6741 issue affects IBM Maximo Asset Management and related IBM Tivoli products, allowing remote authenticated users to obtain potentially sensitive stack-trace information by triggering a Birt error. Affected products include Maximo Asset Management 7.x (before 7.1.1.7 LAFIX.20140319...

3.5CVSS5.9AI score0.00951EPSS
Exploits0References3Affected Software1
cve
cve
added 2014/05/26 4:0 p.m.55 views

CVE-2014-0825

The CVE-2014-0825 entry describes an XSS vulnerability in openreport.jsp affecting IBM Maximo Asset Management 7.x (including 7.1, 7.5 ranges) and related Tivoli/SmartCloud components, where remote authenticated users can inject arbitrary web script or HTML via a crafted report parameter. The IBM...

3.5CVSS5.3AI score0.00936EPSS
Exploits0References3Affected Software4
securityvulns
securityvulns
added 2014/04/21 12:0 a.m.71 views

[security bulletin] HPSBMU02988 rev.1 - HP Universal Configuration Management Database, Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04220407 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04220407 Version: 1 HPSBMU02988 rev....

4CVSS0.2AI score0.01155EPSS
Exploits1
seebug
seebug
added 2014/04/21 12:0 a.m.41 views

HP Universal Configuration Management Database远程代码执行漏洞

Bugtraq ID:66963 CVE ID:CVE-2013-6215 HP Universal Configuration Management Database是惠普公司的统一配置管理数据库应用。 HP Universal Configuration Management Database存在一个未明安全漏洞,允许远程攻击者利用漏洞以应用程序上下文执行任意代码。 0 HP Universal Configuration Management Database Integration Service v10.01 HP Universal Configuration...

8.5CVSS6.6AI score0.02594EPSS
Exploits1
seebug
seebug
added 2014/04/21 12:0 a.m.29 views

HP Universal Configuration Management Database远程代码执行漏洞

Bugtraq ID:66962 CVE ID:CVE-2013-6214 HP Universal Configuration Management Database是惠普公司的统一配置管理数据库应用。 HP Universal Configuration Management Database存在一个未明安全漏洞,允许远程攻击者利用漏洞获取敏感信息。 0 HP Universal Configuration Management Database Integration Service v9.05 HP Universal Configuration Management...

4CVSS6.6AI score0.01155EPSS
Exploits1
Rows per page
Query Builder