Vulnerabilities > IBM > Maximo Asset Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-11 | CVE-2024-45088 | Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.3 IBM Maximo Asset Management 7.6.1.3 is vulnerable to stored cross-site scripting. | 5.4 |
| 2024-06-13 | CVE-2024-22333 | Exposure of Resource to Wrong Sphere vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.3 and IBM Maximo Application Suite 8.10 and 8.11 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2024-02-02 | CVE-2023-32333 | Improper Access Control vulnerability in IBM Maximo Asset Management 7.6.1.3 IBM Maximo Asset Management 7.6.1.3 could allow a remote attacker to log into the admin panel due to improper access controls. | 9.8 |
| 2024-01-19 | CVE-2023-32337 | Server-Side Request Forgery (SSRF) vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery (SSRF). | 5.4 |
| 2024-01-19 | CVE-2023-47718 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.3 and Manage Component 8.10 through 8.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2023-09-08 | CVE-2023-32332 | Cross-site Scripting vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 are vulnerable to HTML injection. | 5.4 |
| 2023-06-05 | CVE-2023-32334 | Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters. | 5.3 |
| 2023-05-05 | CVE-2022-43866 | Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.2/7.6.1.3 IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting. | 5.4 |
| 2023-04-28 | CVE-2023-27864 | Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.2/7.6.1.3 IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to HTML injection. | 5.4 |
| 2023-04-27 | CVE-2023-27860 | Information Exposure Through an Error Message vulnerability in IBM Maximo Asset Management 7.6.1.2/7.6.1.3 IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error message. | 5.3 |