Maximo Application Suite@8.7 Security Vulnerabilities and Issues — Maximo Application Suite@8.7 CVE List

Lucene search

IbmMaximo Application Suite8.7

3 matches found

CVE•added 2022/05/03 7:15 p.m.•81 views

CVE-2021-29854

IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which will allow the attack...

7.2CVSS6.7AI score0.00057EPSS

CVE•added 2022/09/14 5:15 p.m.•55 views

CVE-2021-38924

IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 210163.

7.5CVSS7AI score0.00053EPSS

CVE•added 2022/11/28 5:15 p.m.•51 views

CVE-2022-41732

IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 237407.

6.2CVSS5.3AI score0.00018EPSS