607 matches found
Security Bulletin: Apache Tomcat is vulnerable to CVE-2023-41080 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses Apache Tomcat, which is vulnerable to CVE-2023-41080. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-41080 DESCRIPTION: Apache Tomcat could allow a remote attacker to condu...
Security Bulletin: Tornado is vulnerable to 263690 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses tornado, which is vulnerable to 263690. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details IBM X-Force ID: 263690 DESCRIPTION: Tornado Web Server is vulnerable to HTTP request smuggling, caus...
Security Bulletin: JSON-java is vulnerable to CVE-2023-5072 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses JSON-java, which is vulnerable to CVE-2023-5072. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-5072 DESCRIPTION: JSON-java is vulnerable to a denial of service, caused by ...
Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to CVE-2023-38737 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses IBM WebSphere Application Server Liberty which is vulnerable to CVE-2023-38737. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-38737 DESCRIPTION: IBM WebSphere Application...
Security Bulletin: Pydash is vulnerable to CVE-2023-26145 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses pydash, which is vulnerable to CVE-2023-26145. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-26145 DESCRIPTION: Python pydash package could allow a remote attacker to...
Security Bulletin: Urllib3 is vulnerable to CVE-2023-43804 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses urllib3 which is vulnerable to CVE-2023-43804. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obta...
Security Bulletin: Systeminformation is vulnerable to CVE-2023-42810 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses systeminformation which is vulnerable to CVE-2023-42810. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-42810 DESCRIPTION: systeminformation could allow a remote attacker ...
Security Bulletin: There is a vulnerability in jetty-http-9.4.48.v20220622.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-26049)
Summary There is a vulnerability in jetty-http-9.4.48.v20220622.jar used by IBM Maximo Manage application in IBM Maximo Application Suite CVE-2023-26049 Vulnerability Details CVEID:CVE-2023-26049 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to obtain sensitive informatio...
Security Bulletin: There is a vulnerability in jetty-server-9.4.48.v20220622.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-26049)
Summary There is a vulnerability in jetty-server-9.4.48.v20220622.jar used by IBM Maximo Manage application in IBM Maximo Application Suite CVE-2023-26049 Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in...
Security Bulletin: There is a vulnerability in snappy-java used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-34455, CVE-2023-34454, CVE-2023-34453)
Summary There is a vulnerability in snappy-java used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-34455 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk...
Security Bulletin: There is a vulnerability in netty used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-34462)
Summary There is a vulnerability in netty used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-34462 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw with allocating up to 16MB of heap for each channel during the TLS...
Security Bulletin: The Bouncy Castle Crypto Package For Java (bc-java) component is vulnerable to CVE-2023-33201 is used by IBM Maximo Application Suite
Summary IBM Maximo Application Suite uses The Bouncy Castle Crypto Package For Java bc-java package which is vulnerable to CVE-2023-33201. Vulnerability Details CVEID:CVE-2023-33201 DESCRIPTION: The Bouncy Castle Crypto Package For Java bc-java could allow a remote attacker to obtain sensitive...
Security Bulletin: VMware Tanzu Spring for Apache Kafka is vulnerable to CVE-2023-34040 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses VMware Tanzu Spring for Apache Kafka which is vulnerable to CVE-2023-34040. Vulnerability Details CVEID:CVE-2023-34040 DESCRIPTION: VMware Tanzu Spring for Apache Kafka could allow a local authenticated attacker to execute arbitrary co...
Security Bulletin: Certifi is vulnerable to CVE-2023-37920 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses Certifi which is vulnerable to CVE-2023-37920. Vulnerability Details CVEID:CVE-2023-37920 DESCRIPTION: An unspecified error with the removal of e-Tugra root certificate in Certifi has an unknown impact and attack vector. CVSS Base scor...
Security Bulletin: Okio GzipSource is vulnerable to CVE-2023-3635 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses Okio GzipSource which is vulnerable to CVE-2023-3635. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzip buffe...
IBM Maximo Application Suite Cross-Site Scripting Vulnerability
IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A security vulnerability exists in IBM Maximo Application Suite version 8.9, version 8.10, and IBM Maxim...
PT-2023-23733 · Ibm · Ibm Maximo Application Suite +1
Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite versions 8.9 through 8.10 IBM Maximo Asset Management versions 7.6.1.2 through 7.6.1.3 Description: A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web...
Security Bulletin: There is a vulnerability in SQLite JDBC used by IBM Maximo Manage application in IBM Maximo Application Suite ( CVE-2023-32697)
Summary There is a vulnerability in SQLite JDBC used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-32697 DESCRIPTION: SQLite JDBC could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw when JDB...
Security Bulletin: Jettison component is vulnerable to CVE-2022-45685 and CVE-2022-45693 is used by IBM Maximo Application Suite
Summary IBM Maximo Application Suite uses Jettison package which is vulnerable to CVE-2022-45685 and CVE-2022-45693. Vulnerability Details CVEID:CVE-2022-45685 DESCRIPTION: Jettison is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending an overly long string usi...
Security Bulletin: Google Guava component is vulnerable to CVE-2023-2976 is used by IBM Maximo Application Suite
Summary IBM Maximo Application Suite uses Google Guava package which is vulnerable to CVE-2023-2976. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using Java's default temporary...