Vulnerabilities > IBM > Maximo Asset Management > 6.2.1

DATE CVE VULNERABILITY TITLE RISK
2013-10-01 CVE-2013-4027 Permissions, Privileges, and Access Controls vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
network
low complexity
ibm CWE-264
6.5
6.5
2013-10-01 CVE-2013-4021 Unspecified vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to conduct unspecified file-inclusion attacks via unknown vectors.
network
low complexity
ibm
6.5
6.5
2013-10-01 CVE-2013-4020 Unspecified vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.3 allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
network
low complexity
ibm
4.0
4.0
2013-10-01 CVE-2013-4019 Cross-Site Scripting vulnerability in IBM Maximo Asset Management
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 7.1 before 7.1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
3.5
3.5
2013-10-01 CVE-2013-4018 Unspecified vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to obtain sensitive information via unspecified vectors.
network
ibm
6.0
6.0
2013-10-01 CVE-2013-4014 Cross-Site Scripting vulnerability in IBM Maximo Asset Management
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
4.3
4.3
2013-10-01 CVE-2013-4013 Unspecified vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.2 allows remote attackers to obtain sensitive information via unspecified vectors.
network
low complexity
ibm
5.0
5.0
2013-10-01 CVE-2013-3048 Cross-Site Scripting vulnerability in IBM Maximo Asset Management
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
3.5
3.5
2013-10-01 CVE-2013-0451 SQL Injection vulnerability in IBM Maximo Asset Management
SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 7.1 through 7.1.1.12 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
ibm CWE-89
6.5
6.5
2013-10-01 CVE-2012-3323 Permissions, Privileges, and Access Controls vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 6.2 before 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.3 allows remote attackers to gain privileges via unspecified vectors.
network
ibm CWE-264
6.8
6.8