Smartcloud Control Desk@7.0 Security Vulnerabilities and Issues — Smartcloud Control Desk@7.0 CVE List

Lucene search

IbmSmartcloud Control Desk7.0

21 matches found

CVE•added 2014/05/26 4:55 p.m.•52 views

CVE-2013-5465

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336, 7.5.x before 7.5.0.3 IFIX027, and 7.5.0.4 before IFIX011; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management...

6.5CVSS6.5AI score0.00394EPSS

CVE•added 2012/09/10 5:55 p.m.•44 views

CVE-2012-2185

IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to obtain sensitive information via unspe...

4CVSS5.8AI score0.00226EPSS

CVE•added 2012/09/10 5:55 p.m.•43 views

CVE-2012-0747

SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute...

6.5CVSS8AI score0.00346EPSS

CVE•added 2012/09/10 5:55 p.m.•43 views

CVE-2012-2184

Session fixation vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack web ses...

6.8CVSS6.7AI score0.00609EPSS

CVE•added 2014/05/26 11:14 a.m.•43 views

CVE-2013-2998

frontcontroller.jsp in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote authenticated users to obtain sensitive information via an invalid action_code.

3.5CVSS5.7AI score0.00179EPSS

CVE•added 2014/05/26 4:55 p.m.•43 views

CVE-2013-4016

SQL injection vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336, 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 before IFIX011, and 7.5.0.5 before IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and...

6.5CVSS8AI score0.00314EPSS

CVE•added 2012/09/10 5:55 p.m.•41 views

CVE-2012-0714

Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers ...

6.8CVSS7.2AI score0.00204EPSS

CVE•added 2012/09/10 5:55 p.m.•41 views

CVE-2012-0728

SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute...

6.5CVSS8AI score0.003EPSS

CVE•added 2012/09/10 5:55 p.m.•41 views

CVE-2012-2183

Session fixation vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack web ses...

6.8CVSS6.7AI score0.00744EPSS

CVE•added 2014/05/26 4:55 p.m.•39 views

CVE-2013-6741

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Manage...

3.5CVSS5.9AI score0.00179EPSS

CVE•added 2014/05/26 4:55 p.m.•39 views

CVE-2014-0825

Cross-site scripting (XSS) vulnerability in openreport.jsp in IBM Maximo Asset Management 7.x before 7.1.1.12 IFIX.20140321-1336 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Man...

3.5CVSS5.3AI score0.00188EPSS

CVE•added 2012/09/10 5:55 p.m.•38 views

CVE-2012-3326

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to inject arbitrary...

4.3CVSS5.8AI score0.00256EPSS

CVE•added 2012/09/10 5:55 p.m.•37 views

CVE-2012-0727

SQL injection vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute arbitrary S...

6.5CVSS8AI score0.003EPSS

CVE•added 2014/08/29 10:0 a.m.•37 views

CVE-2014-3084

IBM Maximo Asset Management 6.1 through 6.5, 7.1 through 7.1.1.13, and 7.5 through 7.5.0.6; Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk; and Maximo Asset Management 6.2.8, 7.1, and 7.2 for Tivoli IT Asset Management for IT and certain other pr...

4.9CVSS6.3AI score0.00548EPSS

CVE•added 2012/09/10 5:55 p.m.•36 views

CVE-2012-3313

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to inje...

4.3CVSS5.8AI score0.00256EPSS

CVE•added 2014/05/26 4:55 p.m.•36 views

CVE-2014-0849

IBM Maximo Asset Management 7.x before 7.5.0.3 IFIX027 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to gain privileges by leveraging membership in two security groups.

6CVSS6.6AI score0.00369EPSS

CVE•added 2014/05/26 4:55 p.m.•36 views

CVE-2014-0893

Cross-site scripting (XSS) vulnerability in customreport.jsp in IBM Maximo Asset Management 7.5.x before 7.5.0.5 IFIX006 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified parameters.

4.3CVSS5.3AI score0.00266EPSS

CVE•added 2014/05/26 4:55 p.m.•35 views

CVE-2013-5460

IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to bypass intended access restrictions, and read communication logs associated with unrelated records, via unspecified vectors.

3.5CVSS6.1AI score0.00159EPSS

CVE•added 2012/09/10 5:55 p.m.•34 views

CVE-2012-0746

3.5CVSS5.3AI score0.0018EPSS

CVE•added 2014/05/26 4:55 p.m.•34 views

CVE-2013-5464

IBM Maximo Asset Management 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 before IFIX011, and 7.5.0.5 before IFIX006 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to bypass intended access restrictions, and modify physical counts associated with ...

6CVSS5.9AI score0.00216EPSS

CVE•added 2014/05/26 11:14 a.m.•30 views

CVE-2012-3333

CRLF injection vulnerability in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted parameter in a URL.

4.3CVSS6.9AI score0.00246EPSS