Lucene search
K
IbmMaximo For Civil Infrastructure

4 matches found

CVE
CVE
added 2021/02/18 3:10 p.m.49 views

CVE-2021-20445

CVE-2021-20445 affects IBM Maximo for Civil Infrastructure 7.6.2. The vulnerability stems from insecure storage of authentication credentials, potentially allowing a user to obtain sensitive information. The issue is documented across multiple sources (NVD entry for the CVE and IBM bulletin) and ...

6.5CVSS6.2AI score0.01139EPSS
CVE
CVE
added 2021/02/18 3:10 p.m.46 views

CVE-2021-20446

CVE-2021-20446 affects IBM Maximo for Civil Infrastructure 7.6.2. It is a cross-site scripting vulnerability in the Web UI that can cause arbitrary JavaScript execution and potentially credentials disclosure within a trusted session. Mitigation: apply the Fix Pack 7.6.2.1 (interim fix) or equival...

5.4CVSS5.2AI score0.00502EPSS
CVE
CVE
added 2021/02/18 3:10 p.m.39 views

CVE-2021-20443

CVE-2021-20443 affects IBM Maximo for Civil Infrastructure 7.6.2. The issue arises from including executable functionality (such as a library) from sources outside the intended control sphere, enabling potential untrusted code execution by a component shipped with the product (Maximo Data Loader)...

8.8CVSS8.3AI score0.00826EPSS
CVE
CVE
added 2021/02/18 3:10 p.m.37 views

CVE-2021-20444

IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting via the Web UI, potentially allowing an attacker to embed arbitrary JavaScript and disclose credentials within a trusted session. The vulnerability is documented across multiple sources (CVE-2021-20444, CNVD-2021-1105...

6.1CVSS5.8AI score0.00661EPSS