Ibm Maximo_asset_management_essentials
47 CVEs affecting Ibm Maximo_asset_management_essentials. Latest disclosed: 2017-12-13. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-9977 | High | 8.8 | 2017-06-07 | IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to hijack a user's session, caused by the failure to invalidate an existing session… |
CVE-2015-0104 | High | 8.8 | 2017-04-24 | IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo… |
CVE-2016-9976 | High | 8.4 | 2017-05-03 | IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL re… |
CVE-2015-0107 | Medium | 6.5 | 2017-04-24 | IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo… |
CVE-2017-1558 | Medium | 6.1 | 2017-12-13 | IBM Maximo Asset Management 7.5 and 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to vis… |
CVE-2017-1291 | Medium | 5.4 | 2017-05-26 | IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-cr… |
CVE-2015-7448 | Medium | 5.4 | 2016-03-12 | SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX003, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset M… |
CVE-2015-5017 | Medium | 5.4 | 2016-01-03 | IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before 7.6.0.2 IFIX002; Maximo Asset Management 7.5.0 before 7.5.0.8… |
CVE-2015-7396 | Medium | 5.4 | 2016-01-02 | The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.1 FP1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7… |
CVE-2015-7451 | Medium | 5.4 | 2016-01-02 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.9 IF2 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 befor… |
CVE-2017-1292 | Medium | 5.3 | 2017-05-26 | IBM Maximo Asset Management 7.5 and 7.6 generates error messages that could reveal sensitive information that could be used in further attacks against the syst… |
CVE-2017-1357 | Medium | 4.3 | 2017-08-09 | IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to manipulate work orders to forge emails which could be used to conduct further adva… |
CVE-2015-5051 | Medium | 4.3 | 2016-01-03 | IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.2… |
CVE-2015-7452 | Medium | 4.3 | 2016-01-02 | IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 FP9, 7.5.1, and 7.6 before 7.6.0.3… |
CVE-2015-7487 | Medium | 4.1 | 2016-01-27 | IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX002, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9… |
CVE-2015-4967 | | 2015-10-06 | SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX004, and 7.6.0 before 7.6.0.1 IFIX002; Maximo Asset M… | |
CVE-2015-4965 | | 2015-10-06 | maximouiweb/webmodule/webclient/utility/merlin.jsp in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX004, and 7.6.0 before 7.6.0.1… | |
CVE-2015-4944 | | 2015-10-06 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX003, and 7.6.0 before 7.6.0.1 IFIX001; M… | |
CVE-2015-1934 | | 2015-10-04 | IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX002, and 7.6.0 before 7.6.0.1 IFIX001; Maximo Asset Management 7.5.x before 7.5.0.8… | |
CVE-2015-1933 | | 2015-10-04 | IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.1 IFIX001; Maximo Asset Management 7.5.x before 7.5.0.8… |