Vulnerabilities > IBM > Maximo Asset Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-27 | CVE-2023-27860 | Unspecified vulnerability in IBM Maximo Asset Management 7.6.1.2/7.6.1.3 IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error message. | 5.3 |
| 2023-03-02 | CVE-2022-35645 | Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8 and 8.9 is vulnerable to stored cross-site scripting. | 5.4 |
| 2023-02-17 | CVE-2022-41734 | Cleartext Storage of Sensitive Information vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |
| 2023-01-09 | CVE-2022-35281 | Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection. | 8.8 |
| 2022-09-21 | CVE-2022-40616 | Unspecified vulnerability in IBM Maximo Asset Management 7.6.1.1/7.6.1.2/7.6.1.3 IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, and 7.6.1.3 could allow a user to bypass authentication and obtain sensitive information or perform tasks they should not have access to. | 8.1 |
| 2022-09-14 | CVE-2021-38924 | Information Exposure Through an Error Message vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |
| 2022-08-26 | CVE-2022-35714 | Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.1/7.6.1.2 IBM Maximo Asset Management 7.6.1 is vulnerable to cross-site scripting. | 5.4 |
| 2022-05-03 | CVE-2021-29854 | Improper Encoding or Escaping of Output vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 7.2 |
| 2022-04-21 | CVE-2022-22435 | Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.2 IBM Maximo Asset Management 7.6.1.2 is vulnerable to cross-site scripting. | 5.4 |
| 2022-04-21 | CVE-2022-22436 | Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.2 IBM Maximo Asset Management 7.6.1.2 is vulnerable to cross-site scripting. | 5.4 |