Maximo Application Suite@8.10 Security Vulnerabilities and Issues — Maximo Application Suite@8.10 CVE List

Lucene search

IbmMaximo Application Suite8.10

5 matches found

CVE•added 2024/04/06 12:15 p.m.•92 views

CVE-2024-22328

IBM Maximo Application Suite 8.10 and 8.11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 279950.

7.5CVSS7.3AI score0.00043EPSS

CVE•added 2023/09/08 8:15 p.m.•55 views

CVE-2023-32332

IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force...

5.4CVSS5.5AI score0.0005EPSS

CVE•added 2024/06/13 2:15 p.m.•51 views

CVE-2024-22333

IBM Maximo Asset Management 7.6.1.3 and IBM Maximo Application Suite 8.10 and 8.11 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 279973.

3.3CVSS3.2AI score0.00022EPSS

CVE•added 2024/09/07 2:15 p.m.•49 views

CVE-2024-37068

IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information using man in the middle techniques.

7.5CVSS5.8AI score0.00043EPSS

CVE•added 2024/03/13 10:15 a.m.•24 views

CVE-2023-32335

IBM Maximo Application Suite 8.10, 8.11 and IBM Maximo Asset Management 7.6.1.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 255075.

7.5CVSS3.6AI score0.00057EPSS