Lucene search
K

31 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 3:2 a.m.54 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Asset and Service Management

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 5, 6, 7, and 8 that are used by Maximo Asset Management, Maximo Asset Management Essentials, Maximo Asset Management for Energy Optimization, Maximo Industry Solutions including Maximo for Government, Maximo...

9.6CVSS7.8AI score0.04885EPSS
Exploits0Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 2:44 p.m.21 views

Security Bulletin: Cross-site Scripting Vulnerability Addressed in Asset and Service Management (CVE-2014-0914)

Summary Cross-site scripting security vulnerability on Query Description Field in Maximo Asset Mgmt, Tivoli Asset Mgmt for IT, and SmartCloud Control Desk. Vulnerability Details DESCRIPTION: Customers who have Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions...

3.5CVSS1.5AI score0.0107EPSS
Exploits0Affected Software10
NVD
NVD
added 2014/05/26 4:55 p.m.16 views

CVE-2014-0824

Cross-site scripting XSS vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.8 LAFIX.20140319-0839 and 7.1.1.12 before IFIX.20140321-1336 and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB 7....

3.5CVSS5.3AI score0.00936EPSS
Exploits0References3
Prion
Prion
added 2014/05/26 4:55 p.m.18 views

Sql injection

SQL injection vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336, 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 before IFIX011, and 7.5.0.5 before IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 a...

6.5CVSS8.3AI score0.01029EPSS
Exploits0References3Affected Software7
CVE
CVE
added 2014/05/26 4:0 p.m.54 views

CVE-2013-6741

The CVE-2013-6741 issue affects IBM Maximo Asset Management and related IBM Tivoli products, allowing remote authenticated users to obtain potentially sensitive stack-trace information by triggering a Birt error. Affected products include Maximo Asset Management 7.x (before 7.1.1.7 LAFIX.20140319...

3.5CVSS5.9AI score0.00951EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2013/12/18 4:4 p.m.20 views

CVE-2013-5402

Cross-site scripting XSS vulnerability in IBM Maximo Asset Management, Maximo Asset Management Essentials, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities 7.1.x through 7.1.1.12, 7.1.2, 7.5 befo...

3.5CVSS5.2AI score0.00946EPSS
Exploits0References4
NVD
NVD
added 2012/09/10 5:55 p.m.17 views

CVE-2012-2183

Session fixation vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote attackers to hijack web...

6.8CVSS6.6AI score0.02021EPSS
Exploits0References5
NVD
NVD
added 2012/09/10 5:55 p.m.24 views

CVE-2012-2184

Session fixation vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote attackers to hijack web...

6.8CVSS6.6AI score0.01309EPSS
Exploits0References4
NVD
NVD
added 2012/09/10 5:55 p.m.19 views

CVE-2012-0746

Cross-site scripting XSS vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote authenticated users to inject...

3.5CVSS5.2AI score0.00946EPSS
Exploits0References4
Prion
Prion
added 2012/09/10 5:55 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote authenticated users to inject...

3.5CVSS5.5AI score0.00946EPSS
Exploits0References4Affected Software6
Prion
Prion
added 2012/09/10 5:55 p.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote attackers to inject...

4.3CVSS6AI score0.01161EPSS
Exploits0References4Affected Software6
Prion
Prion
added 2012/09/10 5:55 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote attackers to inject arbitrary w...

4.3CVSS6AI score0.01161EPSS
Exploits0References4Affected Software6
Prion
Prion
added 2012/09/10 5:55 p.m.20 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote attackers to...

6.8CVSS7.5AI score0.01047EPSS
Exploits0References6Affected Software6
Prion
Prion
added 2012/09/10 5:55 p.m.21 views

Sql injection

SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote authenticated users to execute...

6.5CVSS8.3AI score0.0104EPSS
Exploits0References4Affected Software6
Prion
Prion
added 2012/09/10 5:55 p.m.20 views

Sql injection

SQL injection vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote authenticated users to execute arbitrary S...

6.5CVSS8.3AI score0.0104EPSS
Exploits0References4Affected Software6
Cvelist
Cvelist
added 2012/09/10 5:0 p.m.21 views

CVE-2012-0746

Cross-site scripting XSS vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote authenticated users to inject...

5.2AI score0.00946EPSS
Exploits0References4
CVE
CVE
added 2012/09/10 5:0 p.m.51 views

CVE-2012-2183

IBM’s advisory confirms CVE-2012-2183 is a session-fixation vulnerability affecting IBM Maximo Asset Management products (7.5, 7.1, 6.2) and related offerings (SmartCloud Control Desk, Tivoli IT/Service Request Manager, Maximo Service Desk, CCMDB). The issue originates from how web sessions are e...

6.8CVSS6.7AI score0.02021EPSS
Exploits0References5Affected Software6
Cvelist
Cvelist
added 2012/09/10 5:0 p.m.26 views

CVE-2012-0728

SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote authenticated users to execute...

7.8AI score0.0104EPSS
Exploits0References4
CVE
CVE
added 2012/09/10 5:0 p.m.49 views

CVE-2012-3326

Summary: CVE-2012-3326 is a Cross-Site Scripting (XSS) vulnerability affecting IBM Maximo Asset Management 7.5 and related products (SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, CCMDB). The issue arises in the web interface allowing...

4.3CVSS5.8AI score0.01161EPSS
Exploits0References4Affected Software6
Cvelist
Cvelist
added 2012/09/10 5:0 p.m.27 views

CVE-2012-0747

SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote authenticated users to execute...

7.8AI score0.0104EPSS
Exploits0References5
Rows per page
Query Builder