Smartcloud Control Desk@7.6.0.1 Security Vulnerabilities and Issues — Smartcloud Control Desk@7.6.0.1 CVE List

Lucene search

IbmSmartcloud Control Desk7.6.0.1

4 matches found

CVE•added 2019/10/24 12:15 p.m.•53 views

CVE-2019-4486

IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164070.

5.4CVSS5.2AI score0.00211EPSS

CVE•added 2016/03/12 3:59 p.m.•40 views

CVE-2015-7448

SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX003, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 IFIX003, 7.5.1, and 7.6.0 before 7.6.0.3 IFIX001 for SmartCloud Control Desk; and Maximo Asset Management 7.1...

6.5CVSS6AI score0.00126EPSS

CVE•added 2018/08/03 3:29 p.m.•38 views

CVE-2018-1524

IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administrator account that a remote intruder could use to gain administrator access to the system. This vulnerability is due to an incomplete fix for CVE-2015-4966. IBM X-Force ID: 142116.

9CVSS8.5AI score0.00393EPSS

CVE•added 2018/08/06 2:29 p.m.•36 views

CVE-2018-1528

IBM Maximo Asset Management 7.6 through 7.6.3 could allow an authenticated user to obtain sensitive information from the WhoAmI API. IBM X-Force ID: 142290.

4.3CVSS4.1AI score0.00163EPSS