Vulnerabilities > IBM > Maximo Asset Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-06-06 | CVE-2018-2028 | Cleartext Storage of Sensitive Information vulnerability in IBM products IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with a phishing site which could allow the attacker to obtain highly sensitive information. | 6.5 |
2018-12-05 | CVE-2018-1697 | Information Exposure vulnerability in IBM Maximo Asset Management 7.6 IBM Maximo Asset Management 7.6 could allow an authenticated user to enumerate usernames using a specially crafted HTTP request. | 4.3 |
2018-11-28 | CVE-2018-1584 | Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6 IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. | 5.4 |
2018-11-09 | CVE-2018-1872 | Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6 IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. | 5.4 |
2018-10-05 | CVE-2018-1686 | Cross-site Scripting vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-site scripting. | 5.4 |
2018-09-13 | CVE-2018-1698 | Information Exposure vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6 through 7.6.3 could allow an unauthenticated attacker to obtain sensitive information from error messages. | 5.3 |
2018-08-24 | CVE-2018-1699 | SQL Injection vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to SQL injection. | 8.8 |
2018-08-16 | CVE-2018-1715 | Cross-site Scripting vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-site scripting. | 5.4 |
2018-08-06 | CVE-2018-1528 | Information Exposure vulnerability in IBM products IBM Maximo Asset Management 7.6 through 7.6.3 could allow an authenticated user to obtain sensitive information from the WhoAmI API. | 4.3 |
2018-08-03 | CVE-2018-1524 | Insecure Default Initialization of Resource vulnerability in IBM products IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administrator account that a remote intruder could use to gain administrator access to the system. | 8.8 |