VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Feb 18, 2015· Updated May 6, 2026

CVE-2015-0108

CVE-2015-0108

Description

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Maximo Asset Management 7.1 through 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain other products, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-0104, CVE-2015-0107, and CVE-2015-0109.

Affected products

21
  • IBM/Change And Configuration Management Database2 versions
    cpe:2.3:a:ibm:change_and_configuration_management_database:7.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:change_and_configuration_management_database:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:change_and_configuration_management_database:7.2:*:*:*:*:*:*:*
  • IBM/Maximo Asset Management8 versions
    cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.1.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.1.1.8:*:*:*:*:*:*:*
  • IBM/Maximo Asset Management Essentials
    cpe:2.3:a:ibm:maximo_asset_management_essentials:7.1:*:*:*:*:*:*:*
  • IBM/Maximo For Government
    cpe:2.3:a:ibm:maximo_for_government:7.1:*:*:*:*:*:*:*
  • IBM/Maximo For Life Sciences
    cpe:2.3:a:ibm:maximo_for_life_sciences:7.1:*:*:*:*:*:*:*
  • IBM/Maximo For Nuclear Power
    cpe:2.3:a:ibm:maximo_for_nuclear_power:7.1:*:*:*:*:*:*:*
  • IBM/Maximo For Oil And Gas
    cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.1:*:*:*:*:*:*:*
  • IBM/Maximo For Transportation
    cpe:2.3:a:ibm:maximo_for_transportation:7.1:*:*:*:*:*:*:*
  • IBM/Maximo For Utilities
    cpe:2.3:a:ibm:maximo_for_utilities:7.1:*:*:*:*:*:*:*
  • IBM/Tivoli Asset Management For It2 versions
    cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.2:*:*:*:*:*:*:*
  • IBM/Tivoli Service Request Manager2 versions
    cpe:2.3:a:ibm:tivoli_service_request_manager:7.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:tivoli_service_request_manager:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_service_request_manager:7.2:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.