Vulnerabilities > IBM > Maximo Asset Management Scheduler > 7.6.7.1

DATE CVE VULNERABILITY TITLE RISK
2020-09-16 CVE-2020-4409 Open Redirect vulnerability in IBM products
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack.
network
ibm CWE-601
5.8
5.8
2020-04-17 CVE-2019-4749 Cross-site Scripting vulnerability in IBM products
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2020-04-17 CVE-2019-4644 Cross-site Scripting vulnerability in IBM products
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting.
network
ibm CWE-79
4.3
4.3
2020-04-17 CVE-2019-4446 Missing Authorization vulnerability in IBM products
IBM Maximo Asset Management 7.6 could allow an authenticated user perform actions they are not authorized to by modifying request parameters.
network
low complexity
ibm CWE-862
5.5
5.5