VYPR
Medium severity6.1NVD Advisory· Published Feb 8, 2017· Updated Jun 17, 2026

CVE-2016-5902

CVE-2016-5902

Description

IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

29
  • cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.6:*:*:*:*:*:*:*
    • (no CPE)
  • cpe:2.3:a:ibm:maximo_for_aviation:7.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:maximo_for_aviation:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_aviation:7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_aviation:7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:maximo_for_energy_optimization:7.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:maximo_for_energy_optimization:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_energy_optimization:7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_energy_optimization:7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:maximo_for_government:7.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:maximo_for_government:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_government:7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_government:7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:maximo_for_life_sciences:7.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:maximo_for_life_sciences:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_life_sciences:7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_life_sciences:7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:maximo_for_nuclear_power:7.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:maximo_for_nuclear_power:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_nuclear_power:7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:maximo_for_transportation:7.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:maximo_for_transportation:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_transportation:7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_transportation:7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:maximo_for_utilities:7.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:maximo_for_utilities:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_utilities:7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_for_utilities:7.6:*:*:*:*:*:*:*
  • IBM Corporation/IBM Maximo Asset Management 6.2, 7.1, 7.5, 7.5.0.0, 7.5.0.10, 7.1.0.0, 6.2.0.0, 7.2, 7.1.1, 7.1.2, 7.2.1, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 7.1.1.1, 7.1.1.10, 7.1.1.11, 7.1.1.12, 7.1.1.2, 7.1.1.5, 7.1.1.6, 7.1.1.7, 7.1.1.8, 7.1.1.9, 7.5.0.1, 7.5.0.2, 7.5.0.3, 7.5.0.4, 7.5.0.5, 7.6, 7.5.0, 7.6.0v5
    Range: IBM Maximo Asset Management 6.2, 7.1, 7.5, 7.5.0.0, 7.5.0.10, 7.1.0.0, 6.2.0.0, 7.2, 7.1.1, 7.1.2, 7.2.1, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 7.1.1.1, 7.1.1.10, 7.1.1.11, 7.1.1.12, 7..10

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.