Vulnerabilities > IBM > Maximo Spatial Asset Management

DATE CVE VULNERABILITY TITLE RISK
2020-11-09 CVE-2020-4651 Cross-Site Request Forgery (CSRF) vulnerability in IBM Maximo Spatial Asset Management
IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
high complexity
ibm CWE-352
4.8
4.8
2020-11-09 CVE-2020-4650 Insecure Storage of Sensitive Information vulnerability in IBM Maximo Spatial Asset Management
IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
3.3
2020-09-16 CVE-2020-4409 Open Redirect vulnerability in IBM products
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack.
network
low complexity
ibm CWE-601
8.2
8.2
2020-04-17 CVE-2019-4749 Cross-site Scripting vulnerability in IBM products
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2020-04-17 CVE-2019-4644 Cross-site Scripting vulnerability in IBM products
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1