Maximo Asset Management@7.6.0.5 Security Vulnerabilities and Issues — Maximo Asset Management@7.6.0.5 CVE List

Lucene search

IbmMaximo Asset Management7.6.0.5

5 matches found

CVE•added 2017/03/07 5:59 p.m.•48 views

CVE-2017-1124

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local attacker to obtain sensitive information using HTTP Header Injection. IBM Reference #: 1998053.

2.9CVSS3.5AI score0.00046EPSS

CVE•added 2017/08/09 6:29 p.m.•39 views

CVE-2017-1357

IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to manipulate work orders to forge emails which could be used to conduct further advanced attacks. IBM X-Force ID: 126684.

4.3CVSS4.4AI score0.00215EPSS

CVE•added 2016/07/17 10:59 p.m.•34 views

CVE-2016-0393

IBM Maximo Asset Management 7.5 before 7.5.0.10-TIV-MBS-IFIX002 and 7.6 before 7.6.0.5-TIV-MAMMT-FP001 allows remote attackers to obtain sensitive URL information by reading log files.

5.3CVSS5.1AI score0.00207EPSS

CVE•added 2016/07/02 2:59 p.m.•34 views

CVE-2016-0399

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.9 IFIX007, and 7.6 before 7.6.0.5 FP005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

5.4CVSS5AI score0.00168EPSS

CVE•added 2018/02/22 7:29 p.m.•34 views

CVE-2018-1415

IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138821.

5.4CVSS5.2AI score0.00269EPSS