Maximo Application Suite Security Vulnerabilities and Issues — Maximo Application Suite CVE List

Lucene search

IbmMaximo Application Suite

4 matches found

CVE•added 2025/01/25 3:15 p.m.•73 views

CVE-2024-35145

IBM Maximo Application Suite 9.0.0 - Monitor Component is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a truste...

6.1CVSS6.1AI score0.00078EPSS

CVE•added 2025/01/25 3:15 p.m.•45 views

CVE-2024-35148

IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

8.8CVSS6.7AI score0.00057EPSS

CVE•added 2025/01/25 3:15 p.m.•44 views

CVE-2024-35144

IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the web server that could aid in further attacks against the system.

5.3CVSS5.4AI score0.00042EPSS

CVE•added 2025/01/25 3:15 p.m.•38 views

CVE-2024-35150

IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not neutralize output that is written to logs, which could allow an attacker to inject false log entries.

5.3CVSS5.2AI score0.00044EPSS