Maximo For Nuclear Power@7.5 Security Vulnerabilities and Issues — Maximo For Nuclear Power@7.5 CVE List

Lucene search

IbmMaximo For Nuclear Power7.5

10 matches found

CVE•added 2020/02/18 5:15 p.m.•48 views

CVE-2013-3323

A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access.

9.8CVSS9.2AI score0.00534EPSS

CVE•added 2016/01/02 9:59 p.m.•45 views

CVE-2015-7396

The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.1 FP1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.1 FP1 for SmartCloud Control Desk allows remote authenticated users to bypass intended access restrictions, and obtain sensi...

5.5CVSS5AI score0.00133EPSS

CVE•added 2016/01/03 5:59 a.m.•44 views

CVE-2015-5051

IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.2 IF1 for SmartCloud Control Desk allow remote authenticated users to bypass intended access restrictions on query results via unspecified ve...

4.3CVSS4.3AI score0.00137EPSS

CVE•added 2016/01/27 5:59 a.m.•41 views

CVE-2015-7487

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX002, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 IFIX002, 7.5.1, and 7.6.0 before 7.6.0.3 IFIX001 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for T...

4.9CVSS4.1AI score0.00052EPSS

CVE•added 2016/03/12 3:59 p.m.•40 views

CVE-2015-7448

SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX003, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 IFIX003, 7.5.1, and 7.6.0 before 7.6.0.3 IFIX001 for SmartCloud Control Desk; and Maximo Asset Management 7.1...

6.5CVSS6AI score0.00126EPSS

CVE•added 2016/01/03 5:59 a.m.•39 views

CVE-2015-5017

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before 7.6.0.2 IFIX002; Maximo Asset Management 7.5.0 before 7.5.0.8 IFIX005, 7.5.1, and 7.6.0 before 7.6.0.2 IFIX002 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for T...

5.5CVSS5.2AI score0.00105EPSS

CVE•added 2018/03/27 5:29 p.m.•38 views

CVE-2015-5016

IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management Essentials 7.1 and 7.5; Control Desk 7.5 and 7.6; Tivoli Asset Management for IT 7.1 and 7.2; and certain other IBM products allow remote authenticated users to bypass intended access restrictions and read arbitrary ticket workl...

4.3CVSS4.2AI score0.00105EPSS

CVE•added 2016/01/02 9:59 p.m.•38 views

CVE-2015-7452

IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 FP9, 7.5.1, and 7.6 before 7.6.0.3 FP3 for SmartCloud Control Desk allow remote authenticated users to obtain sensitive information via the REST API.

4.3CVSS4.2AI score0.00155EPSS

CVE•added 2016/01/02 5:59 a.m.•37 views

CVE-2015-7451

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.9 IF2 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 IF2, 7.5.1, and 7.6 before 7.6.0.3 FP3 for SmartCloud Control Desk allows remote authenticated users to inject arbitrary web scrip...

5.4CVSS5AI score0.00168EPSS

CVE•added 2017/02/08 10:59 p.m.•34 views

CVE-2016-5902

IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.1CVSS5.9AI score0.00317EPSS