Maximo For Aviation@7.6 Security Vulnerabilities and Issues — Maximo For Aviation@7.6 CVE List

Lucene search

IbmMaximo For Aviation7.6

10 matches found

CVE•added 2019/06/06 1:29 a.m.•76 views

CVE-2019-4048

IBM Maximo Asset Management 7.6 could allow a physical user of the system to obtain sensitive information from a previous user of the same machine. IBM X-Force ID: 156311.

2.1CVSS3.1AI score0.00079EPSS

CVE•added 2019/06/06 1:29 a.m.•63 views

CVE-2019-4056

IBM Maximo Asset Management 7.6 Work Centers' application does not validate file type upon upload, allowing attackers to upload malicious files. IBM X-Force ID: 156565.

4.3CVSS4.5AI score0.00214EPSS

CVE•added 2019/06/19 2:15 p.m.•63 views

CVE-2019-4364

IBM Maximo Asset Management 7.6 is vulnerable to CSV injection, which could allow a remote authenticated attacker to execute arbirary commands on the system. IBM X-Force ID: 161680.

8.5CVSS7.6AI score0.01296EPSS

CVE•added 2019/06/19 2:15 p.m.•62 views

CVE-2019-4303

IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 160949.

5.4CVSS5.2AI score0.00229EPSS

CVE•added 2019/06/06 1:29 a.m.•59 views

CVE-2018-2028

IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with a phishing site which could allow the attacker to obtain highly sensitive information. IBM X-Force ID: 155554.

6.5CVSS6AI score0.00087EPSS

CVE•added 2019/10/24 12:15 p.m.•53 views

CVE-2019-4486

5.4CVSS5.2AI score0.00211EPSS

CVE•added 2017/02/01 8:59 p.m.•40 views

CVE-2016-5896

IBM Maximo Asset Management could disclose sensitive information from a stack trace after submitting incorrect login onto Cognos browser.

5.3CVSS5AI score0.00187EPSS

CVE•added 2019/10/09 4:15 p.m.•40 views

CVE-2019-4512

IBM Maximo Asset Management 7.6.1.1 generates an error message that includes sensitive information that could be used in further attacks against the system. IBM X-Force ID: 164554.

4.3CVSS4.2AI score0.00119EPSS

CVE•added 2018/03/27 5:29 p.m.•38 views

CVE-2015-5016

IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management Essentials 7.1 and 7.5; Control Desk 7.5 and 7.6; Tivoli Asset Management for IT 7.1 and 7.2; and certain other IBM products allow remote authenticated users to bypass intended access restrictions and read arbitrary ticket workl...

4.3CVSS4.2AI score0.00105EPSS

CVE•added 2017/02/08 10:59 p.m.•34 views

CVE-2016-5902

IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.1CVSS5.9AI score0.00317EPSS