Medium severity6.1NVD Advisory· Published Feb 8, 2017· Updated Jun 17, 2026
CVE-2016-5902
CVE-2016-5902
Description
IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
29cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_asset_management:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_asset_management:7.6:*:*:*:*:*:*:*
- (no CPE)
cpe:2.3:a:ibm:maximo_for_aviation:7.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:maximo_for_aviation:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_aviation:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_aviation:7.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_for_energy_optimization:7.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:maximo_for_energy_optimization:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_energy_optimization:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_energy_optimization:7.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_for_government:7.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:maximo_for_government:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_government:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_government:7.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_for_life_sciences:7.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:maximo_for_life_sciences:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_life_sciences:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_life_sciences:7.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_for_nuclear_power:7.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:maximo_for_nuclear_power:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_nuclear_power:7.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_for_transportation:7.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:maximo_for_transportation:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_transportation:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_transportation:7.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_for_utilities:7.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:maximo_for_utilities:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_utilities:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:maximo_for_utilities:7.6:*:*:*:*:*:*:*
- IBM Corporation/IBM Maximo Asset Management 6.2, 7.1, 7.5, 7.5.0.0, 7.5.0.10, 7.1.0.0, 6.2.0.0, 7.2, 7.1.1, 7.1.2, 7.2.1, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 7.1.1.1, 7.1.1.10, 7.1.1.11, 7.1.1.12, 7.1.1.2, 7.1.1.5, 7.1.1.6, 7.1.1.7, 7.1.1.8, 7.1.1.9, 7.5.0.1, 7.5.0.2, 7.5.0.3, 7.5.0.4, 7.5.0.5, 7.6, 7.5.0, 7.6.0v5Range: IBM Maximo Asset Management 6.2, 7.1, 7.5, 7.5.0.0, 7.5.0.10, 7.1.0.0, 6.2.0.0, 7.2, 7.1.1, 7.1.2, 7.2.1, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 7.1.1.1, 7.1.1.10, 7.1.1.11, 7.1.1.12, 7..10
Patches
Vulnerability mechanics
References
2- www.ibm.com/support/docview.wssnvdPatchVendor Advisory
- www.securityfocus.com/bid/92535nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.