CVE-2013-4020

CVE-2013-4020 affects IBM Maximo Asset Management and related products: Maximo Asset Management 6.2.x, 7.1.x, and 7.5 prior to 7.5.0.3 allow remote authenticated users to bypass access restrictions via unspecified vectors. The connected IBM bulletin and NVD entry confirm the affected versions and...

CVE-2013-3049

IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-3971...

CVE-2013-5382

CVE-2013-5382 affects IBM Maximo Asset Management family (6.2–6.2.8, 7.1 before 7.1.1.12, 7.5 before 7.5.0.5). The vulnerability allows remote authenticated users to gain privileges via unspecified vectors (distinct from CVE-2013-5383). IBM’s vendor bulletin lists multiple APARs tied to this CVE ...

CVE-2013-5395

IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote attackers to bypass intended access restrictions via unspecified vectors...

CVE-2013-4021

IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to conduct unspecified file-inclusion attacks via unknown vectors...

CVE-2013-3047

CVE-2013-3047 affects IBM Maximo Asset Management family: Maximo Asset Management 7.5, 7.1 (and related solutions) 7.1.1.0–7.1.1.11, 7.5.0.0–7.5.0.5; specifically 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allow remote authenticated users to gain privileges via unspecified vectors. The IBM X-FOCU...

CVE-2013-5383

IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5382...

CVE-2013-4014

Cross-site scripting XSS vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-3323

IBM Maximo Asset Management 6.2 before 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.3 allows remote attackers to gain privileges via unspecified vectors...

CVE-2013-4020

IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.3 allows remote authenticated users to bypass intended access restrictions via unspecified vectors...

CVE-2013-3972

IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to obtain sensitive information via unspecified vectors...

CVE-2012-3323

CVE-2012-3323 affects IBM Maximo Asset Management and related Maximo products: 6.2 before 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.3. The vulnerability allows remote attackers to gain privileges via unspecified vectors (CVSS v2 base score 6.8, vector AV:N/AC:M/Au:N/C:P/I:P/A:P). IBM’s sec...

CVE-2013-0451

SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 7.1 through 7.1.1.12 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

CVE-2013-4018

IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to obtain sensitive information via unspecified vectors...

CVE-2013-5395

CVE-2013-5395 affects IBM Maximo Asset Management and related products. Affected: Maximo Asset Management 6.2–6.2.8; 7.1 before 7.1.1.12; 7.5 before 7.5.0.5. Issue: remote attackers can bypass intended access restrictions via unspecified vectors. Evidence: IBM Flash with detailed product list and...

CVE-2013-5381

CVE-2013-5381 affects IBM Maximo Asset Management and related products. Affects: Maximo Asset Management 6.2 (6.2.0–6.2.8), 7.1 (up to 7.1.1.12), and 7.5 prior to 7.5.0.3. Description: remote authenticated users can gain privileges via unspecified vectors. No further technical exploit specifics a...

CVE-2013-5380

CVE-2013-5380 affects IBM Maximo Asset Management family: 6.2 (6.2.0–6.2.8), 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5. It enables local users to obtain sensitive information via unspecified vectors (information disclosure). The IBM security bulletin lists numerous product variants impacted and...

CVE-2013-4021

CVE-2013-4021 affects IBM Maximo Asset Management and related products (Maximo Asset Management 6.2.x up to 6.2.8; 7.1 up to 7.1.1.12; 7.5 up to 7.5.0.5) and several IBM Maximo/Tivoli components. The vulnerability is described as an unspecified remote file-inclusion issue exploitable by remote au...

CVE-2013-4014

CVE-2013-4014 is a cross-site scripting (XSS) vulnerability affecting IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM’s bulletin lists affected product...

CVE-2013-4013

CVE-2013-4013 affects IBM Maximo Asset Management and related Maximo offerings. Affects: Maximo Asset Management 6.2.x (6.2.0–6.2.8), 7.1.x (7.1.0–7.1.1.12), and 7.5 (before 7.5.0.2). Issue: information disclosure via unspecified vectors that allow remote attackers to obtain sensitive data. CVSS ...