Lucene search
K

607 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 5:33 p.m.19 views

Security Bulletin: Cisco node-jose is vulnerable to CVE-2023-25653 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Cisco node-jose which is vulnerable to CVE-2023-25653. Vulnerability Details CVEID:CVE-2023-25653 DESCRIPTION: Cisco node-jose is vulnerable to a denial of service, caused by improper calculations in ECC implementation. By sending a...

7.5CVSS7.4AI score0.00552EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 5:23 p.m.28 views

Security Bulletin: Node.js http-cache-semantics module is vulnerable to CVE-2022-25881 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Node.js http-cache-semantics modulewhich is vulnerable to CVE-2022-25881. Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a regular expression...

7.5CVSS6.8AI score0.01613EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 5:20 p.m.21 views

Security Bulletin: OAuthlib is vulnerable to CVE-2022-36087 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses OAuthlib which is vulnerable to CVVE-2022-36087. Vulnerability Details CVEID:CVE-2022-36087 DESCRIPTION: OAuthlib is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request using...

6.5CVSS5.9AI score0.01258EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/12 4:50 p.m.28 views

Security Bulletin: There are several vulnerabilities in Liberty used by the IBM Maximo Manage application in the IBM Maximo Application Suite

Summary There are several vulnerabilities in Liberty used by the IBM Maximo Manage application in the IBM Maximo Application Suite. These vulnerabiblities have been addressed. Vulnerability Details CVEID:CVE-2023-0482 DESCRIPTION: RESTEasy could allow a local authenticated attacker to gain elevat...

9.8CVSS8.3AI score0.02114EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 2:16 p.m.29 views

Security Bulletin: There is a vulnerability in JSZip used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-48285)

Summary There is a vulnerability in JSZip used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-48285 DESCRIPTION: JSZip could allow a remote attacker to traverse directories on the system, caused by the failure to sanitize filenames when file...

7.3CVSS7.6AI score0.01411EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/21 1:40 p.m.44 views

Security Bulletin: SnakeYaml is vulnerable to CVE-2022-1471 used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses SnakeYaml which is vulnerable to CVE-2022-1471. IBM has addressed the vulnerability. Vulnerability Details CVEID:CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe...

9.8CVSS9.4AI score0.99615EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/20 9:23 p.m.13 views

Security Bulletin: Python Cryptographic Authority cryptography is vulnerable to IBM X-Force ID: 239927 used in IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses Python Cryptographic Authority cryptography which is vulnerable to IBM X-Force ID: 239927. IBM has addressed the vulnerability. Vulnerability Details IBM X-Force ID: 239927 DESCRIPTION: Python Cryptographic Authority cryptography is vulnerable to a buffer...

8.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/05 7:33 p.m.32 views

Security Bulletin: Node.js http-cache-semantics module is vulnerable to CVE-2022-25881 used in IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses Node.js http-cache-semantics module which is vulnerable to CVE-2022-25881. Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a regular expression denial of service...

7.5CVSS6.8AI score0.01613EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/05 7:28 p.m.53 views

Security Bulletin: Pallets Flask is vulnerable to CVE-2023-30861 used in IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses Pallets Flask which is vulnerable to CVE-2023-30861 Vulnerability Details CVEID:CVE-2023-30861 DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitive information, caused by missing Vary: Cookie header. By sending a specially crafted...

7.5CVSS7.4AI score0.01261EPSS
Exploits1Affected Software1
NVD
NVD
added 2023/06/05 1:15 a.m.18 views

CVE-2023-27861

IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques. IBM X-Force ID: 249208...

5.9CVSS5.5AI score0.00338EPSS
Exploits0References2
NVD
NVD
added 2023/06/05 1:15 a.m.18 views

CVE-2023-32334

IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 255074...

5.3CVSS4.4AI score0.00642EPSS
Exploits0References3
OSV
OSV
added 2023/06/05 1:15 a.m.3 views

CVE-2023-27861

IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques. IBM X-Force ID: 249208...

5.9CVSS6.2AI score0.00338EPSS
Exploits0References2
OSV
OSV
added 2023/06/05 1:15 a.m.2 views

CVE-2023-32334

IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 255074...

5.3CVSS6.1AI score0.00642EPSS
Exploits0References3
Prion
Prion
added 2023/06/05 1:15 a.m.21 views

Information disclosure

IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques. IBM X-Force ID: 249208...

2.6CVSS5.3AI score0.00338EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/05 12:23 a.m.10 views

CVE-2023-27861 IBM Maximo Application Suite information disclosure

IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques. IBM X-Force ID: 249208...

5.9CVSS6AI score0.00338EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/05 12:0 a.m.5 views

IBM Maximo Application Suite 安全漏洞

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A security vulnerability exists in IBM Maximo Application Suite - Manage Component version 8.8.0, versio...

5.9CVSS6AI score0.00338EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/06/05 12:0 a.m.6 views

IBM Maximo Asset Management和IBM Maximo Application Suite 安全漏洞

IBM Maximo Asset Management and IBM Maximo Application Suite are both products of International Business Machines IBM.IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution. The solution is capable of managing all types of assets such as facilities,...

5.3CVSS5.7AI score0.00642EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/06/05 12:0 a.m.3 views

PT-2023-23734 · Ibm · Ibm Maximo Application Suite +1

Name of the Vulnerable Software and Affected Versions: IBM Maximo Asset Management versions 7.6.1.2 through 7.6.1.3 IBM Maximo Application Suite version 8.8.0 Description: The software stores sensitive information in URL parameters, which may lead to information disclosure if unauthorized parties...

5.3CVSS5AI score0.00642EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 11:50 p.m.29 views

Security Bulletin: IBM Maximo Manage in IBM Maximo Application Suite is vulnerable to Insecure Communication (CVE-2023-27861)

Summary IBM Maximo Manage in IBM Maximo Application Suite is vulnerable to Insecure Communication. Vulnerability Details CVEID:CVE-2023-27861 DESCRIPTION: IBM Maximo Application Suite - Manage Component transmits sensitive information in cleartext that could be intercepted by an attacker using ma...

5.9CVSS5.6AI score0.00338EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 8:20 p.m.35 views

Security Bulletin: VMware Tanzu Spring Security is vulnerable to CVE-2022-31692 used in IBM Maximo Application Suite

Summary IBM Maximo Application Suite VMware Tanzu Spring Security is vulnerable to CVE-2022-31692 Vulnerability Details CVEID:CVE-2022-31692 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to bypass security restrictions, caused by a flaw when using forward or include...

9.8CVSS9.3AI score0.03425EPSS
Exploits3Affected Software1
Rows per page
Query Builder