Maximo Application Suite Security Vulnerabilities and Issues — Maximo Application Suite CVE List

Lucene search

IbmMaximo Application Suite

3 matches found

CVE•added 2024/03/14 7:15 p.m.•69 views

CVE-2024-27266

IBM Maximo Application Suite 7.6.1.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 284566.

8.2CVSS8.1AI score0.0002EPSS

CVE•added 2024/03/13 10:15 a.m.•38 views

CVE-2023-38723

IBM Maximo Application Suite 7.6.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 262192...

6.4CVSS5.8AI score0.00068EPSS

CVE•added 2024/03/13 10:15 a.m.•24 views

CVE-2023-32335

IBM Maximo Application Suite 8.10, 8.11 and IBM Maximo Asset Management 7.6.1.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 255075.

7.5CVSS3.6AI score0.00077EPSS