Lucene search
+L
IbmSmartcloud Control Desk-

9 matches found

CVE
CVE
added 2019/06/06 12:35 a.m.91 views

CVE-2019-4048

CVE-2019-4048 affects IBM Maximo Asset Management 7.6. The vulnerability allows a physical user to obtain sensitive information from a previous user on the same machine (a back-and-refresh-type information disclosure). Affected core product: Maximo Asset Management 7.6 (and related Industry Solut...

2.1CVSS3.1AI score0.00307EPSS
CVE
CVE
added 2019/06/06 12:35 a.m.78 views

CVE-2019-4056

IBM Maximo Asset Management 7.6 Work Centers' application lacks file type validation during upload, enabling upload of malicious files. Affected product: IBM Maximo Asset Management (core 7.6, with Industry Solutions and IBM Control Desk on top). Root cause: the upload workflow does not validate ...

4.3CVSS4.5AI score0.00863EPSS
CVE
CVE
added 2019/06/19 1:30 p.m.75 views

CVE-2019-4303

IBM Maximo Asset Management 7.6 is affected by a cross-site scripting vulnerability (CVE-2019-4303) that allows embedding arbitrary JavaScript in the Web UI, potentially leading to credentials disclosure within a trusted session. Affected products/versions include Maximo Asset Management core 7.6...

5.4CVSS5.2AI score0.00987EPSS
CVE
CVE
added 2019/06/19 1:30 p.m.75 views

CVE-2019-4364

CVE-2019-4364 affects IBM Maximo Asset Management core product 7.6. The vulnerability is CSV injection that could allow a remote authenticated attacker to execute arbitrary commands on the system. Remediation is provided by IBM Fix Central; affected 7.6 versions include 7.6.1.1 FP, 7.6.0.10 iFix,...

8.5CVSS7.6AI score0.02615EPSS
CVE
CVE
added 2019/06/06 12:35 a.m.73 views

CVE-2018-2028

CVE-2018-2028 affects IBM Maximo Asset Management 7.6. An authenticated user could replace a target page with a phishing site, potentially exposing highly sensitive information (confidentiality impact). The IBM bulletin lists affected core: Maximo Asset Management 7.6 (and related Industry Soluti...

6.5CVSS6AI score0.00784EPSS
CVE
CVE
added 2019/10/09 3:0 p.m.56 views

CVE-2019-4512

CVE-2019-4512 affects IBM Maximo Asset Management 7.6.1.1. The vulnerability arises from an error message that leaks sensitive information, enabling information disclosure. The IBM Security Bulletin lists affected products (core Maximo Asset Management 7.6.1.1 and related Industry Solutions/Contr...

4.3CVSS4.2AI score0.00994EPSS
CVE
CVE
added 2016/03/14 1:0 a.m.55 views

CVE-2016-0222

IBM Maximo Asset Management 7.6 is affected by CVE-2016-0222; versions prior to 7.6.0.3 IFIX001 allow an authenticated remote user to bypass access controls and read arbitrary purchase-order work logs via unspecified vectors. The IBM advisory recommends applying the corresponding Fix Central inte...

4.3CVSS4.2AI score0.00782EPSS
CVE
CVE
added 2017/02/01 8:0 p.m.53 views

CVE-2016-6072

CVE-2016-6072 affects IBM Maximo Asset Management core product (version 7.6) and related IBM Maximo Industry Solutions/Control Desk products when installed on affected cores. The vulnerability is a cross-site scripting flaw in the Web UI that lets an attacker embed arbitrary JavaScript, potential...

5.4CVSS5.2AI score0.00538EPSS
CVE
CVE
added 2020/02/19 3:15 p.m.53 views

CVE-2019-4429

CVE-2019-4429 affects IBM Maximo Asset Management core product versions 7.6.0 and 7.6.1. The issue is a cross-site scripting vulnerability in the Web UI, allowing an attacker to embed arbitrary JavaScript code that could alter functionality and potentially disclose credentials within a trusted se...

5.4CVSS5.2AI score0.00561EPSS