Vulnerabilities > IBM > Maximo Asset Management > 7.6.1.3

DATE CVE VULNERABILITY TITLE RISK
2023-04-27 CVE-2023-27860 Unspecified vulnerability in IBM Maximo Asset Management 7.6.1.2/7.6.1.3
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error message.
network
low complexity
ibm
5.3
2023-03-02 CVE-2022-35645 Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8 and 8.9 is vulnerable to stored cross-site scripting.
network
low complexity
ibm
5.4
2023-02-17 CVE-2022-41734 Cleartext Storage of Sensitive Information vulnerability in IBM Maximo Application Suite and Maximo Asset Management
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-312
7.5
2023-01-09 CVE-2022-35281 Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection.
network
low complexity
ibm
8.8
2022-09-21 CVE-2022-40616 Unspecified vulnerability in IBM Maximo Asset Management 7.6.1.1/7.6.1.2/7.6.1.3
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, and 7.6.1.3 could allow a user to bypass authentication and obtain sensitive information or perform tasks they should not have access to.
network
low complexity
ibm
8.1
2018-10-05 CVE-2018-1686 Cross-site Scripting vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2018-09-13 CVE-2018-1698 Information Exposure vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.6 through 7.6.3 could allow an unauthenticated attacker to obtain sensitive information from error messages.
network
low complexity
ibm CWE-200
5.3
2018-08-24 CVE-2018-1699 SQL Injection vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
8.8
2018-08-16 CVE-2018-1715 Cross-site Scripting vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2018-08-06 CVE-2018-1528 Information Exposure vulnerability in IBM products
IBM Maximo Asset Management 7.6 through 7.6.3 could allow an authenticated user to obtain sensitive information from the WhoAmI API.
network
low complexity
ibm CWE-200
4.3