Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ibm Subscribe
Filtered by product Maximo Spatial Asset Management
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-4650 1 Ibm 1 Maximo Spatial Asset Management 2021-07-21 2.1 LOW 3.3 LOW
IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 186023.
CVE-2020-4651 1 Ibm 1 Maximo Spatial Asset Management 2020-11-12 2.9 LOW 4.8 MEDIUM
IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186024.
CVE-2020-4409 1 Ibm 20 Control Desk, Maximo Asset Configuration Manager, Maximo Asset Health Insights and 17 more 2020-09-28 5.8 MEDIUM 8.2 HIGH
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 179537.
CVE-2019-4749 1 Ibm 20 Control Desk, Maximo Asset Configuration Manager, Maximo Asset Health Insights and 17 more 2020-04-21 3.5 LOW 5.4 MEDIUM
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 173308.
CVE-2019-4644 1 Ibm 20 Control Desk, Maximo Asset Configuration Manager, Maximo Asset Health Insights and 17 more 2020-04-21 4.3 MEDIUM 6.1 MEDIUM
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 170880.