607 matches found
Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to information disclosure (CVE-2022-41734)
Summary IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to information disclosure. Vulnerability Details CVEID:CVE-2022-41734 DESCRIPTION: IBM Maximo Asset Management could allow a remote attacker to obtain sensitive information whe...
Security Bulletin: IBM Maximo Asset Management, IBM Maximo Manage in IBM Maximo Application Suite and IBM Maximo Manage in IBM Maximo Application Suite as a Service may be affected by XML External Entity (XXE) attacks (CVE-2021-33813)
Summary IBM Maximo Asset Management, IBM Maximo Manage in IBM Maximo Application Suite and IBM Maximo Manage in IBM Maximo Application Suite as a Service may be affected by XML External Entity XXE attacks. Vulnerability Details CVEID:CVE-2021-33813 DESCRIPTION: JDOM is vulnerable to a denial of...
CVE-2022-35281 IBM Maximo Application Suite command injection
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection. IBM X-Force ID: 2306335...
Security Bulletin: A vulnerability in kafka affects IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-34917)
Summary There is a vulnerability in kafka that is used by the IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-34917 DESCRIPTION: Apache Kafka is vulnerable to a denial of service, caused by improper input validation. By sending a specially-craft...
Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite may be vulnerable to arbitrary code execution due to Apache Log4j 1.2 (CVE-2021-4104)
Summary A vulnerability in Apache Log4j 1.2 CVE-2021-4104 may affect IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite, which utilize log4j for its logging functionality. Although no known vulnerability impact has been proven, it is strongly...
Security Bulletin: Multiple vulnerabilities fixed in IBM Maximo Application Suite Monitor
Summary IBM Maximo Application Suite Monitor is vulnerable to Multiple vulnerabilities. See Vulnerability Details. This has been addressed in each of the components; refer to the Remediation section for details. Vulnerability Details CVEID: CVE-2020-15265 DESCRIPTION: Tensorflow is vulnerable to ...
Security Bulletin: IBM Maximo Application Suite is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)
Summary Apache log4j 2 library is used by IBM Maximo Application Suite internal components. This bulletin provides remediation for the Apache log4j 2 vulnerability CVE-2021-44228 by applying a new Maximo Application suite fixpack. The fix includes Apache Log4j2 2.15.0. Vulnerability Details CVEID...