Maximo Asset Management@7.6.1.1 Security Vulnerabilities and Issues — Maximo Asset Management@7.6.1.1 CVE List

Lucene search

IbmMaximo Asset Management7.6.1.1

4 matches found

CVE•added 2022/05/03 7:15 p.m.•81 views

CVE-2021-29854

IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which will allow the attack...

7.2CVSS6.7AI score0.00057EPSS

CVE•added 2022/09/14 5:15 p.m.•55 views

CVE-2021-38924

IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 210163.

7.5CVSS7AI score0.00053EPSS

CVE•added 2022/08/26 6:15 p.m.•48 views

CVE-2022-35714

IBM Maximo Asset Management 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 231116.

5.4CVSS5.2AI score0.00171EPSS

CVE•added 2022/09/21 5:15 p.m.•45 views

CVE-2022-40616

IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, and 7.6.1.3 could allow a user to bypass authentication and obtain sensitive information or perform tasks they should not have access to. IBM X-Force ID: 236311.

8.1CVSS7.8AI score0.00025EPSS