Maximo Asset Management@7.1.1.7 Security Vulnerabilities and Issues — Page 2 of Maximo Asset Management@7.1.1.7 CVE List

Lucene search

IbmMaximo Asset Management7.1.1.7

60 matches found

CVE•added 2014/07/30 11:15 a.m.•35 views

CVE-2014-3025

Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management 6.2 through 6.2.8, 6.x and 7.1 through 7.1.1.2, and 7.5 through 7.5.0.6; Maximo Asset Management 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk; and Maximo Asset Management 6.2 through 6.2....

3.5CVSS5.5AI score0.00208EPSS

CVE•added 2015/07/01 10:59 a.m.•35 views

CVE-2015-1951

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation.

2.1CVSS6AI score0.00057EPSS

CVE•added 2013/10/01 11:14 a.m.•34 views

CVE-2013-4017

SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

6.5CVSS8.4AI score0.003EPSS

CVE•added 2016/07/02 2:59 p.m.•34 views

CVE-2016-0399

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.9 IFIX007, and 7.6 before 7.6.0.5 FP005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

5.4CVSS5AI score0.00168EPSS

CVE•added 2013/10/01 11:14 a.m.•33 views

CVE-2013-4027

IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors.

6.5CVSS6.2AI score0.00281EPSS

CVE•added 2013/10/01 11:14 a.m.•32 views

CVE-2013-3048

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5CVSS5.3AI score0.00208EPSS

CVE•added 2013/10/01 11:14 a.m.•32 views

CVE-2013-4014

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.7AI score0.00295EPSS

CVE•added 2013/10/01 11:14 a.m.•32 views

CVE-2013-5395

IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote attackers to bypass intended access restrictions via unspecified vectors.

7.5CVSS6.8AI score0.0033EPSS

CVE•added 2016/11/30 11:59 a.m.•32 views

CVE-2016-5987

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.10 IF4, and 7.6 before 7.6.0.5 IF3 allows remote attackers to obtain sensitive information via a crafted HTTP request that triggers construction of a runtime error message.

5.3CVSS5AI score0.00316EPSS

CVE•added 2014/05/26 11:14 a.m.•30 views

CVE-2012-3333

CRLF injection vulnerability in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted parameter in a URL.

4.3CVSS6.9AI score0.00246EPSS

Total number of security vulnerabilities60