Lucene search
K
IbmMaximo Enterprise Adapter

4 matches found

CVE
CVE
added 2020/04/17 1:25 p.m.60 views

CVE-2019-4749

CVE-2019-4749 denotes a cross-site scripting vulnerability in IBM Maximo Asset Management 7.6, allowing arbitrary JavaScript in the Web UI and potentially exposing credentials in a trusted session. IBM’s bulletin identifies affected core versions, notably 7.6.1.1, and directs remediation via inte...

5.4CVSS5.2AI score0.00673EPSS
CVE
CVE
added 2020/09/16 3:55 p.m.55 views

CVE-2020-4409

The CVE-2020-4409 issue affects IBM Maximo Asset Management core product versions 7.6.0 and 7.6.1, where a remote attacker could conduct phishing via a tabnabbing attack by steering a user to a crafted site and then redirecting to a trusted-appearing malicious page. Root cause is a reverse tabnab...

8.2CVSS7.6AI score0.00893EPSS
CVE
CVE
added 2020/04/17 1:25 p.m.53 views

CVE-2019-4644

IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting in the Web UI, allowing injection of arbitrary JavaScript and potentially credential disclosure within a trusted session. Affected core versions include 7.6.0.10, 7.6.1.0, and 7.6.1.1 (with related industry solutions). IBM’s ad...

6.1CVSS5.8AI score0.00872EPSS
CVE
CVE
added 2020/04/17 1:25 p.m.46 views

CVE-2019-4446

IBM Maximo Asset Management 7.6.x is affected by CVE-2019-4446 through insecure permissions that allow an authenticated user to perform actions by modifying request parameters. Affected core Product versions: 7.6.0, 7.6.1, and 7.6.1.1 (including related Industry Solutions and IBM Control Desk com...

5.5CVSS5.2AI score0.00781EPSS