Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
IbmSmartcloud Control Desk

65 matches found

CVE
CVEadded 2012/09/10 5:55 p.m.36 views

CVE-2012-3313

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to inje...

4.3CVSS5.8AI score0.00256EPSS
CVE
CVEadded 2014/05/26 4:55 p.m.36 views

CVE-2014-0849

IBM Maximo Asset Management 7.x before 7.5.0.3 IFIX027 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to gain privileges by leveraging membership in two security groups.

6CVSS6.6AI score0.00369EPSS
CVE
CVEadded 2014/05/26 4:55 p.m.36 views

CVE-2014-0893

Cross-site scripting (XSS) vulnerability in customreport.jsp in IBM Maximo Asset Management 7.5.x before 7.5.0.5 IFIX006 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified parameters.

4.3CVSS5.3AI score0.00266EPSS
CVE
CVEadded 2015/11/08 3:59 a.m.36 views

CVE-2015-7395

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before 7.6.0.2 FP002; Maximo Asset Management 7.5.0 before 7.5.0.8 IFIX005, 7.5.1, and 7.6.0 before 7.6.0.2 FP002 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivol...

4CVSS6.2AI score0.00111EPSS
CVE
CVEadded 2018/08/06 2:29 p.m.36 views

CVE-2018-1528

IBM Maximo Asset Management 7.6 through 7.6.3 could allow an authenticated user to obtain sensitive information from the WhoAmI API. IBM X-Force ID: 142290.

4.3CVSS4.1AI score0.00163EPSS
CVE
CVEadded 2013/12/18 4:4 p.m.35 views

CVE-2013-5402

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management, Maximo Asset Management Essentials, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities 7.1.x through 7.1.1.12, 7.1.2, 7.5 befo...

3.5CVSS5.4AI score0.0018EPSS
CVE
CVEadded 2014/05/26 4:55 p.m.35 views

CVE-2013-5460

IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to bypass intended access restrictions, and read communication logs associated with unrelated records, via unspecified vectors.

3.5CVSS6.1AI score0.00159EPSS
CVE
CVEadded 2014/07/30 11:15 a.m.35 views

CVE-2014-3025

Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management 6.2 through 6.2.8, 6.x and 7.1 through 7.1.1.2, and 7.5 through 7.5.0.6; Maximo Asset Management 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk; and Maximo Asset Management 6.2 through 6.2....

3.5CVSS5.5AI score0.00208EPSS
CVE
CVEadded 2014/07/29 8:55 p.m.35 views

CVE-2014-3026

CRLF injection vulnerability in IBM Maximo Asset Management 7.5 through 7.5.0.6, and 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

3.5CVSS6.5AI score0.00173EPSS
CVE
CVEadded 2012/09/10 5:55 p.m.34 views

CVE-2012-0746

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to inject...

3.5CVSS5.3AI score0.0018EPSS
CVE
CVEadded 2013/02/20 12:9 p.m.34 views

CVE-2013-0457

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to a uisessionid.

3.5CVSS5.2AI score0.00161EPSS
CVE
CVEadded 2014/05/26 4:55 p.m.34 views

CVE-2013-5464

IBM Maximo Asset Management 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 before IFIX011, and 7.5.0.5 before IFIX006 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to bypass intended access restrictions, and modify physical counts associated with ...

6CVSS5.9AI score0.00216EPSS
CVE
CVEadded 2013/02/20 12:9 p.m.31 views

CVE-2012-3321

IBM SmartCloud Control Desk 7.5 allows remote authenticated users to bypass intended access restrictions via vectors involving an expired password.

6.5CVSS6.2AI score0.00216EPSS
CVE
CVEadded 2013/02/20 12:9 p.m.31 views

CVE-2012-6357

IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges and bypass intended restrictions on asset-lookup operations via unspecified vectors.

6.5CVSS6.6AI score0.00216EPSS
CVE
CVEadded 2014/05/26 11:14 a.m.30 views

CVE-2012-3333

CRLF injection vulnerability in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted parameter in a URL.

4.3CVSS6.9AI score0.00246EPSS
Total number of security vulnerabilities65