Vulnerabilities > IBM > Maximo Asset Management > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-02-02 CVE-2023-32333 Unspecified vulnerability in IBM Maximo Asset Management 7.6.1.3
IBM Maximo Asset Management 7.6.1.3 could allow a remote attacker to log into the admin panel due to improper access controls.
network
low complexity
ibm
critical
9.8
2021-08-12 CVE-2021-20509 Injection vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable to CSV Injection.
network
low complexity
ibm CWE-74
critical
9.8
2020-10-05 CVE-2020-4493 Unspecified vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow an attacker to bypass authentication and issue commands using a specially crafted HTTP command.
network
low complexity
ibm
critical
9.8
2020-02-18 CVE-2013-3323 Improper Privilege Management vulnerability in IBM products
A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access.
network
low complexity
ibm CWE-269
critical
9.8
2017-07-05 CVE-2017-1175 SQL Injection vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
critical
9.8