Maximo Asset Management@7.6.0.4 Security Vulnerabilities and Issues — Maximo Asset Management@7.6.0.4 CVE List

Lucene search

IbmMaximo Asset Management7.6.0.4

6 matches found

CVE•added 2017/03/07 5:59 p.m.•48 views

CVE-2017-1124

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local attacker to obtain sensitive information using HTTP Header Injection. IBM Reference #: 1998053.

2.9CVSS3.5AI score0.00046EPSS

CVE•added 2017/08/09 6:29 p.m.•39 views

CVE-2017-1357

IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to manipulate work orders to forge emails which could be used to conduct further advanced attacks. IBM X-Force ID: 126684.

4.3CVSS4.4AI score0.00215EPSS

CVE•added 2016/07/17 10:59 p.m.•34 views

CVE-2016-0393

IBM Maximo Asset Management 7.5 before 7.5.0.10-TIV-MBS-IFIX002 and 7.6 before 7.6.0.5-TIV-MAMMT-FP001 allows remote attackers to obtain sensitive URL information by reading log files.

5.3CVSS5.1AI score0.00207EPSS

CVE•added 2016/07/02 2:59 p.m.•34 views

CVE-2016-0399

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.9 IFIX007, and 7.6 before 7.6.0.5 FP005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

5.4CVSS5AI score0.00168EPSS

CVE•added 2016/11/30 11:59 a.m.•33 views

CVE-2016-5905

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.10 IF3 and 7.6 before 7.6.0.5 IF2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

5.4CVSS4.9AI score0.00154EPSS

CVE•added 2016/11/30 11:59 a.m.•32 views

CVE-2016-5987

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.10 IF4, and 7.6 before 7.6.0.5 IF3 allows remote attackers to obtain sensitive information via a crafted HTTP request that triggers construction of a runtime error message.

5.3CVSS5AI score0.00316EPSS