Vulnerabilities > IBM > Maximo Asset Management > 7.6.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-15 | CVE-2019-4671 | SQL Injection vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to SQL injection. | 6.5 |
2020-06-26 | CVE-2020-4223 | Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.0.10/7.6.1.1 IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 is vulnerable to cross-site scripting. | 3.5 |
2020-06-26 | CVE-2019-4650 | SQL Injection vulnerability in IBM Maximo Asset Management 7.6.1.1 IBM Maximo Asset Management 7.6.1.1 is vulnerable to SQL injection. | 6.5 |
2020-05-12 | CVE-2019-4478 | Information Exposure vulnerability in IBM Maximo Asset Management 7.6.0.0/7.6.1/7.6.1.1 IBM Maximo Asset Management 7.6.0, and 7.6.1 could allow an authenticated user to obtain highly sensitive information that they should not normally have access to. | 4.0 |
2020-04-17 | CVE-2019-4749 | Cross-site Scripting vulnerability in IBM products IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. | 3.5 |
2020-04-17 | CVE-2019-4644 | Cross-site Scripting vulnerability in IBM products IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. | 4.3 |
2020-04-17 | CVE-2019-4446 | Missing Authorization vulnerability in IBM products IBM Maximo Asset Management 7.6 could allow an authenticated user perform actions they are not authorized to by modifying request parameters. | 5.5 |
2020-02-20 | CVE-2019-4583 | Information Exposure Through an Error Message vulnerability in IBM Maximo Asset Management 7.6.0.10/7.6.1.1 IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. | 4.0 |
2019-11-20 | CVE-2019-4530 | Unspecified vulnerability in IBM Maximo Asset Management 7.6.0.0/7.6.1/7.6.1.1 IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow an authenticated user to delete a record that they should not normally be able to. | 5.5 |
2019-10-09 | CVE-2019-4512 | Information Exposure Through an Error Message vulnerability in IBM products IBM Maximo Asset Management 7.6.1.1 generates an error message that includes sensitive information that could be used in further attacks against the system. | 4.0 |