51 matches found
Security Bulletin: There is a vulnerability in jetty-server-9.4.48.v20220622.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-26049)
Summary There is a vulnerability in jetty-server-9.4.48.v20220622.jar used by IBM Maximo Manage application in IBM Maximo Application Suite CVE-2023-26049 Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in...
Security Bulletin: There is a vulnerability in JSZip used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-48285)
Summary There is a vulnerability in JSZip used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-48285 DESCRIPTION: JSZip could allow a remote attacker to traverse directories on the system, caused by the failure to sanitize filenames when file...
CVE-2023-27861
IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques. IBM X-Force ID: 249208...
Information disclosure
IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques. IBM X-Force ID: 249208...
CVE-2023-27861
CVE-2023-27861 affects IBM Maximo Application Suite – Manage Component versions 8.8.0 and 8.9.0, where sensitive information is transmitted in cleartext, enabling potential disclosure via man-in-the-middle. Root cause: insecure communication in the Manage component. Impact per sources: informatio...
IBM Maximo Application Suite 安全漏洞
IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A security vulnerability exists in IBM Maximo Application Suite - Manage Component version 8.8.0, versio...
PT-2023-21380 · Ibm · Ibm Maximo Application Suite
Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite - Manage Component versions 8.8.0 through 8.9.0 Description: The issue concerns the transmission of sensitive information in cleartext, which could be intercepted by an attacker using man-in-the-middle techniques...
Security Bulletin: There are several vulnerabilities in jackson-databind used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-42003, CVE-2022-42004)
Summary There are several vulnerabilities in jackson-databind used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitiv...
Security Bulletin: There is a vulnerability in GraphQL used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-37734)
Summary There is a vulnerability in GraphQL used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-37734 DESCRIPTION: GraphQL Java is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw. By sending a...
Security Bulletin: There is a vulnerability in jQuery UI used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-31160)
Summary There is a vulnerability in jQuery UI used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-31160 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio...
Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting (CVE-2022-22436)
Summary IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting. Vulnerability Details CVEID: CVE-2022-22436 DESCRIPTION: IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows...