Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
IbmMaximo Asset Management

19 matches found

CVE
CVEadded 2012/03/13 3:12 a.m.47 views

CVE-2011-1397

Cross-site request forgery (CSRF) vulnerability in the Labor Reporting page in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Ti...

6.8CVSS7.3AI score0.00237EPSS
CVE
CVEadded 2012/03/13 3:12 a.m.47 views

CVE-2011-4819

Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allow remote attackers to inject arbitrary web script or HTML via the uisesionid parameter to (1) maximo.jsp or (2) the default URI under ui/.

4.3CVSS5.8AI score0.00295EPSS
CVE
CVEadded 2012/03/13 3:12 a.m.45 views

CVE-2011-1394

IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 all...

5CVSS6.8AI score0.01501EPSS
CVE
CVEadded 2012/03/13 3:12 a.m.45 views

CVE-2011-4818

Open redirect vulnerability in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the uisessionid parameter to an unspecified component.

4.3CVSS6.2AI score0.00295EPSS
CVE
CVEadded 2012/09/10 5:55 p.m.44 views

CVE-2012-2185

IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to obtain sensitive information via unspe...

4CVSS5.8AI score0.00226EPSS
CVE
CVEadded 2012/03/13 3:12 a.m.43 views

CVE-2011-1396

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allows remote attackers to inject arbitrary web script or HTML via the reportType parameter to an unspecified component.

4.3CVSS5.8AI score0.00295EPSS
CVE
CVEadded 2012/03/13 3:12 a.m.43 views

CVE-2011-4817

The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management D...

4CVSS6.3AI score0.00327EPSS
CVE
CVEadded 2012/03/13 3:12 a.m.43 views

CVE-2012-0195

Cross-site scripting (XSS) vulnerability in the Start Center Layout and Configuration component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service ...

4.3CVSS5.8AI score0.00478EPSS
CVE
CVEadded 2012/09/10 5:55 p.m.43 views

CVE-2012-0747

SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute...

6.5CVSS8AI score0.00346EPSS
CVE
CVEadded 2012/09/10 5:55 p.m.43 views

CVE-2012-2184

Session fixation vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack web ses...

6.8CVSS6.7AI score0.00609EPSS
CVE
CVEadded 2012/09/10 5:55 p.m.41 views

CVE-2012-0714

Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers ...

6.8CVSS7.2AI score0.00204EPSS
CVE
CVEadded 2012/09/10 5:55 p.m.41 views

CVE-2012-0728

SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute...

6.5CVSS8AI score0.003EPSS
CVE
CVEadded 2012/09/10 5:55 p.m.41 views

CVE-2012-2183

Session fixation vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack web ses...

6.8CVSS6.7AI score0.00744EPSS
CVE
CVEadded 2012/03/13 3:12 a.m.40 views

CVE-2011-1395

Cross-site scripting (XSS) vulnerability in imicon.jsp in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allows remote attackers to inject arbitrary web script or HTML via the controlid parameter.

4.3CVSS5.8AI score0.00295EPSS
CVE
CVEadded 2012/03/13 3:12 a.m.40 views

CVE-2011-4816

SQL injection vulnerability in the KPI component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configurati...

6.5CVSS8AI score0.00563EPSS
CVE
CVEadded 2012/09/10 5:55 p.m.38 views

CVE-2012-3326

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to inject arbitrary...

4.3CVSS5.8AI score0.00256EPSS
CVE
CVEadded 2012/09/10 5:55 p.m.37 views

CVE-2012-0727

SQL injection vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute arbitrary S...

6.5CVSS8AI score0.003EPSS
CVE
CVEadded 2012/09/10 5:55 p.m.36 views

CVE-2012-3313

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to inje...

4.3CVSS5.8AI score0.00256EPSS
CVE
CVEadded 2012/09/10 5:55 p.m.34 views

CVE-2012-0746

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to inject...

3.5CVSS5.3AI score0.0018EPSS