Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-1283)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation,...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Asset and Service Management

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 5, 6, 7, and 8 that are used by Maximo Asset Management, Maximo Asset Management Essentials, Maximo Asset Management for Energy Optimization, Maximo Industry Solutions including Maximo for Government, Maximo...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2016-0377)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation,...

Security Bulletin: IBM Maximo Asset Management could allow a local attacker to obtain information due to the autocomplete feature on password input fields (CVE-2015-1933)

Summary The autocomplete attribute of the password field on the Maximo Asset Management Login page is not set to false. This vulnerability could allow a local attacker to obtain account access. The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-3183)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation,...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-4947)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation,...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with Asset and Service Management (CVE-2014-0114)

Summary WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maxim...

Security Bulletin: Potential security vulnerabilities with JavaTM SDKs

Summary Smarter Infrastructure Products - Potential security exposure when using JavaTM based applications due to vulnerabilities in Java Software Developer Kits. See Vulnerability Details for CVE IDs. Vulnerability Details CVE IDs: CVE-2013-5456 CVE-2013-5457 CVE-2013-5458 CVE-2013-4041...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2016-5986)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation,...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2016-0385)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation,...

Security Bulletin: IBM Maximo Asset Management contains a misconfiguration that could allow an authenticated user to view backup and debug application files which could contain sensitive information (CVE-2015-4965)

Summary IBM Maximo Asset Management configuration allows an authenticated user to view backup and debug application files. This vulnerability could allow a local attacker to obtain sensitive information. The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo...

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with Asset and Service Management (CVE-2016-2183)

Summary IBM HTTP Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2017-1381)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

Security Bulletin: Security vulnerabilities have been identified in IBM® DB2® shipped with Asset and Service Management (CVE-2014-0907)

Summary IBM DB2 is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities, Tivo...

Security Bulletin: Cross-Site Scripting Security Vulnerability in IBM Maximo Asset Management (CVE-2015-4944)

Summary A cross-site scripting vulnerability in Maximo Asset Management could allow an attacker to execute script in a victim's Web browser, within the security context of the hosting Web site. The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry...

Security Bulletin: Security Vulnerability in IBM WebSphere Application Server (CVE-2015-1920) affects Asset and Service Management

Summary A vulnerability in WebSphere Application Server could allow a remote attacker to execute arbitrary code by connecting to a management port and executing a specific sequence of instructions. The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-1946)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-7450)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

Security Bulletin: Security vulnerabilities have been identified in IBM® DB2® shipped with Asset and Service Management (CVE-2013-6747, CVE-2014-0963)

Summary IBM DB2 is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities, Tivo...

Security Bulletin: IBM Maximo Asset Management could allow an authenticated user to change work orders that the user should not have access to change (CVE-2015-7395)

Summary IBM Maximo Asset Management contains a vulnerability which could allow an authenticated user to change work orders that the user should not have access to change due to improper access control. This vulnerability could allow a local attacker to compromise data integrity. The vulnerability...