Vulnerabilities > IBM > Maximo Asset Management > 7.6.1.2

DATE CVE VULNERABILITY TITLE RISK
2023-09-08 CVE-2023-32332 Cross-site Scripting vulnerability in IBM Maximo Application Suite and Maximo Asset Management
IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 are vulnerable to HTML injection.
network
low complexity
ibm CWE-79
5.4
5.4
2023-06-05 CVE-2023-32334 Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management
IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters.
network
low complexity
ibm
5.3
5.3
2023-05-05 CVE-2022-43866 Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.2/7.6.1.3
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2023-04-28 CVE-2023-27864 Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.2/7.6.1.3
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to HTML injection.
network
low complexity
ibm CWE-79
5.4
5.4
2023-04-27 CVE-2023-27860 Information Exposure Through an Error Message vulnerability in IBM Maximo Asset Management 7.6.1.2/7.6.1.3
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error message.
network
low complexity
ibm CWE-209
5.3
5.3
2023-03-02 CVE-2022-35645 Cross-site Scripting vulnerability in IBM Maximo Application Suite and Maximo Asset Management
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8 and 8.9 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2023-02-17 CVE-2022-41734 Cleartext Storage of Sensitive Information vulnerability in IBM Maximo Application Suite and Maximo Asset Management
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-312
7.5
7.5
2023-01-09 CVE-2022-35281 Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Maximo Application Suite and Maximo Asset Management
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection.
network
low complexity
ibm CWE-1236
8.8
8.8
2022-09-21 CVE-2022-40616 Unspecified vulnerability in IBM Maximo Asset Management 7.6.1.1/7.6.1.2/7.6.1.3
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, and 7.6.1.3 could allow a user to bypass authentication and obtain sensitive information or perform tasks they should not have access to.
network
low complexity
ibm
8.1
8.1
2022-09-14 CVE-2021-38924 Information Exposure Through an Error Message vulnerability in IBM Maximo Application Suite and Maximo Asset Management
IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
7.5
7.5