Security Bulletin: IBM Maximo Spatial Asset Management is vulnerable to Blind Server-Side Request Forgery (CVE-2023-32337)

Summary IBM Maximo Spatial Asset Management is vulnerable to Blind Server-Side Request Forgery Vulnerability Details CVEID:CVE-2023-32337 DESCRIPTION: IBM Maximo Spatial Asset Management is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthoriz...

IBM Maximo Spatial Asset Management Server-Side Request Forgery Vulnerability

IBM Maximo Spatial Asset Management is an asset management lifecycle and workflow process management system from International Business Machines IBM. IBM Maximo Spatial Asset Management suffers from a server-side request forgery vulnerability that can be exploited by a remote attacker to submit a...

CVE-2023-32337

IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 255288...

CVE-2023-32337

IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 255288...

Server side request forgery (ssrf)

IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 255288...

CVE-2023-32337 IBM Maximo Spatial Asset Management server-side request forgery

IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 255288...

CVE-2023-32337

CVE-2023-32337: IBM Maximo Spatial Asset Management is affected by a server-side request forgery (SSRF). IBM and Red Hat advisories confirm the vulnerability and list affected variants, including IBM Maximo Spatial Asset Management 7.6.1.0 and 7.6.1.1. The issue allows an authenticated attacker t...

CVE-2023-32337 IBM Maximo Spatial Asset Management server-side request forgery

IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 255288...

CVE-2020-4650

IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 186023...

CVE-2020-4650

IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 186023...

CVE-2020-4651

IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186024...

CVE-2020-4651

IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186024...

Code injection

IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 186023...

CVE-2020-4651

CVE-2020-4651 affects IBM Maximo Spatial Asset Management, specifically versions 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0. The issue is a cross-site request forgery (CSRF) vulnerability that could allow an attacker to perform malicious, unauthorized actions on behalf of a trusted user. The root cau...

CVE-2020-4650

Summary: CVE-2020-4650 affects IBM Maximo Spatial Asset Management 7.6.0.3/0.4/0.5/1.0 where web pages can be stored locally and read by another user on the same system. The core issue is a local storage exposure in the web component, enabling access to locally stored pages. The NVD entry notes a...

CVE-2020-4650

IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 186023...

CVE-2020-4651

IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186024...

Security Bulletin: IBM Maximo Spatial Asset Management allows web pages to be stored locally which can be read by another user on the system (CVE-2020-4650)

Summary IBM Maximo Spatial Asset Management allows web pages to be stored locally which can be read by another user on the system. Vulnerability Details CVEID: CVE-2020-4650 DESCRIPTION: IBM Maximo Spatial Asset Management allows web pages to be stored locally which can be read by another user on...

Security Bulletin: IBM Maximo Spatial Asset Management is vulnerable to cross-site request forgery (CVE-2020-4651)

Summary IBM Maximo Spatial Asset Management is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. Vulnerability Details CVEID: CVE-2020-4651 DESCRIPTION: IBM Maximo Spatial Asset...