Lucene search
K
IbmMaximo For Energy Optimization

10 matches found

CVE
CVE
added 2016/03/12 3:0 p.m.58 views

CVE-2015-7448

CVE-2015-7448 is a SQL injection vulnerability affecting IBM Maximo Asset Management (and related Tivoli/SmartCloud Control Desk components) where remote authenticated users can cause arbitrary SQL execution via unspecified vectors. Affected products/versions include Maximo Asset Management 7.1–7...

6.5CVSS6AI score0.00707EPSS
CVE
CVE
added 2016/01/27 2:0 a.m.58 views

CVE-2015-7487

CVE-2015-7487 affects IBM Maximo Asset Management and related Tivoli products. The vulnerability allows a local attacker with administrative privileges to read log files and obtain sensitive information, due to improper handling of logs in several Maximo/Tivoli components (Maximo Asset Management...

4.9CVSS4.1AI score0.00284EPSS
CVE
CVE
added 2015/10/05 10:0 a.m.56 views

CVE-2015-4944

CVE-2015-4944 is an XSS vulnerability in IBM Maximo Asset Management and related IBM products (including SmartCloud Control Desk, Tivoli IT Asset Management for IT, and others built on affected core versions). The root cause is improper validation of user input, allowing remote authenticated atta...

3.5CVSS5.3AI score0.00783EPSS
CVE
CVE
added 2015/10/05 10:0 a.m.56 views

CVE-2015-4967

IBM Maximo Asset Management is affected by CVE-2015-4967, a SQL injection vulnerability. A remote attacker could send specially-crafted SQL statements to view, add, modify, or delete data in the back-end database. Affected products and versions include Maximo Asset Management (7.6, 7.5, 7.1), Max...

6.5CVSS7.9AI score0.00991EPSS
CVE
CVE
added 2015/10/04 1:0 a.m.55 views

CVE-2015-1934

CVE-2015-1934 affects IBM Maximo Asset Management and related products. The root issue is weak encryption of passwords, allowing context-dependent attackers with access to a password file to obtain cleartext passwords. Affected versions include Maximo Asset Management 7.1–7.1.1.13, 7.5.x before 7...

5CVSS6.6AI score0.00993EPSS
CVE
CVE
added 2016/01/03 2:0 a.m.53 views

CVE-2015-5017

The CVE-2015-5017 issue affects IBM Maximo Asset Management family (including Maximo Asset Management 7.6, 7.5, 7.1; Essentials; and related products like SmartCloud Control Desk and Tivoli IT Asset Management for IT). It allows remote authenticated users to bypass access controls by signing in w...

5.5CVSS5.2AI score0.00661EPSS
CVE
CVE
added 2015/10/05 10:0 a.m.52 views

CVE-2015-4965

Summary: CVE-2015-4965 is a misconfiguration in IBM Maximo Asset Management and related products that could allow an authenticated user to view backup and debug application files, potentially exposing sensitive information. Affected products (per bulletins): Maximo Asset Management 7.6, 7.5, 7.1;...

4CVSS5.8AI score0.00966EPSS
CVE
CVE
added 2015/10/04 1:0 a.m.51 views

CVE-2015-1933

CVE-2015-1933 affects IBM Maximo Asset Management and related products; the root cause is that the password input field autocomplete attribute is not set to false, enabling local attackers to obtain account information via an unattended workstation. Affected versions include Maximo Asset Manageme...

2.1CVSS6.8AI score0.00444EPSS
CVE
CVE
added 2018/03/27 5:0 p.m.51 views

CVE-2015-5016

CVE-2015-5016 affects IBM Maximo Asset Management family (7.6/7.5/7.1), Maximo Asset Management Essentials (7.5/7.1), plus related IBM products (Control Desk 7.5/7.6; Tivoli Asset Management for IT 7.1/7.2; others). The issue allows a remote authenticated user to bypass access restrictions and re...

4.3CVSS4.2AI score0.00993EPSS
CVE
CVE
added 2017/02/08 10:0 p.m.43 views

CVE-2016-5902

CVE-2016-5902 affects IBM Maximo Asset Management. The IBM bulletin documents a cross-site scripting flaw in the Web UI that can lead to credential disclosure within a trusted session. Affected core versions: 7.6, 7.5, 7.1 (with various Industry Solutions/SmartCloud components on these cores). Ro...

6.1CVSS5.9AI score0.00873EPSS