Maximo Application Suite@9.0 Security Vulnerabilities and Issues — Maximo Application Suite@9.0 CVE List

Lucene search

IbmMaximo Application Suite9.0

6 matches found

CVE•added 2025/01/25 3:15 p.m.•73 views

CVE-2024-35145

IBM Maximo Application Suite 9.0.0 - Monitor Component is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a truste...

6.1CVSS6.1AI score0.00078EPSS

CVE•added 2025/05/06 3:16 p.m.•49 views

CVE-2025-2898

IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access Control (RBAC) configurations.

8.8CVSS7.4AI score0.00054EPSS

CVE•added 2025/01/25 3:15 p.m.•45 views

CVE-2024-35148

IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

8.8CVSS6.7AI score0.00057EPSS

CVE•added 2025/01/25 3:15 p.m.•44 views

CVE-2024-35144

IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the web server that could aid in further attacks against the system.

5.3CVSS5.4AI score0.00042EPSS

CVE•added 2025/04/10 2:15 p.m.•40 views

CVE-2023-43037

IBM Maximo Application Suite 8.11 and 9.0 could allow an authenticated user to perform unauthorized actions due to improper input validation.

6.5CVSS6.3AI score0.00062EPSS

CVE•added 2025/04/05 1:15 a.m.•31 views

CVE-2025-1500

IBM Maximo Application Suite 9.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened.

8CVSS6.6AI score0.00053EPSS