Vulnerabilities > IBM > Maximo Application Suite > 8.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-28 | CVE-2022-41732 | Insufficiently Protected Credentials vulnerability in IBM Maximo Application Suite 8.7/8.8 IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a local user. | 5.5 |
| 2022-09-14 | CVE-2021-38924 | Information Exposure Through an Error Message vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |
| 2022-05-03 | CVE-2021-29854 | Improper Encoding or Escaping of Output vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 4.3 |