Maximo Asset Management
by IBM
CVEs (187)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-0457 | 0.00 | — | 0.01 | Feb 20, 2013 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to a uisessionid. | |||
| CVE-2012-6357 | 0.00 | — | 0.01 | Feb 20, 2013 | IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges and bypass intended restrictions on asset-lookup operations via unspecified vectors. | |||
| CVE-2012-6356 | 0.00 | — | 0.01 | Feb 20, 2013 | IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges via vectors related to an import operation. | |||
| CVE-2012-6355 | 0.00 | — | 0.01 | Feb 20, 2013 | IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2,… | |||
| CVE-2012-3328 | 0.00 | — | 0.01 | Feb 20, 2013 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1, Maximo Asset Management Essentials 7.1, Tivoli Asset Management for IT 7.1 and 7.2, Tivoli Service Request Manager 7.1 and 7.2, and Change and Configuration Management Database (CCMDB) 7.1 and 7.2… | |||
| CVE-2012-3327 | 0.00 | — | 0.01 | Feb 20, 2013 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and… | |||
| CVE-2012-3322 | 0.00 | — | 0.01 | Feb 20, 2013 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and… | |||
| CVE-2012-3316 | 0.00 | — | 0.01 | Feb 20, 2013 | Cross-site scripting (XSS) vulnerability in the Tivoli Process Automation Engine (TPAE) in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2,… | |||
| CVE-2012-3326 | 0.00 | — | 0.01 | Sep 10, 2012 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers… | |||
| CVE-2012-3313 | 0.00 | — | 0.01 | Sep 10, 2012 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows… | |||
| CVE-2012-2185 | 0.00 | — | 0.01 | Sep 10, 2012 | IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to obtain sensitive… | |||
| CVE-2012-2184 | 0.00 | — | 0.01 | Sep 10, 2012 | Session fixation vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote… | |||
| CVE-2012-2183 | 0.00 | — | 0.02 | Sep 10, 2012 | Session fixation vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote… | |||
| CVE-2012-0747 | 0.00 | — | 0.01 | Sep 10, 2012 | SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote… | |||
| CVE-2012-0746 | 0.00 | — | 0.01 | Sep 10, 2012 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote… | |||
| CVE-2012-0728 | 0.00 | — | 0.01 | Sep 10, 2012 | SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote… | |||
| CVE-2012-0727 | 0.00 | — | 0.01 | Sep 10, 2012 | SQL injection vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to… | |||
| CVE-2012-0714 | 0.00 | — | 0.01 | Sep 10, 2012 | Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB),… | |||
| CVE-2012-0195 | 0.00 | — | 0.02 | Mar 13, 2012 | Cross-site scripting (XSS) vulnerability in the Start Center Layout and Configuration component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2;… | |||
| CVE-2011-4819 | 0.00 | — | 0.01 | Mar 13, 2012 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allow remote attackers to inject arbitrary web script or HTML via the uisesionid parameter to (1) maximo.jsp or (2) the default URI under ui/. |
- CVE-2013-0457Feb 20, 2013risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to a uisessionid.
- CVE-2012-6357Feb 20, 2013risk 0.00cvss —epss 0.01
IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges and bypass intended restrictions on asset-lookup operations via unspecified vectors.
- CVE-2012-6356Feb 20, 2013risk 0.00cvss —epss 0.01
IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges via vectors related to an import operation.
- CVE-2012-6355Feb 20, 2013risk 0.00cvss —epss 0.01
IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2,…
- CVE-2012-3328Feb 20, 2013risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1, Maximo Asset Management Essentials 7.1, Tivoli Asset Management for IT 7.1 and 7.2, Tivoli Service Request Manager 7.1 and 7.2, and Change and Configuration Management Database (CCMDB) 7.1 and 7.2…
- CVE-2012-3327Feb 20, 2013risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and…
- CVE-2012-3322Feb 20, 2013risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and…
- CVE-2012-3316Feb 20, 2013risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the Tivoli Process Automation Engine (TPAE) in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2,…
- CVE-2012-3326Sep 10, 2012risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers…
- CVE-2012-3313Sep 10, 2012risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows…
- CVE-2012-2185Sep 10, 2012risk 0.00cvss —epss 0.01
IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to obtain sensitive…
- CVE-2012-2184Sep 10, 2012risk 0.00cvss —epss 0.01
Session fixation vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote…
- CVE-2012-2183Sep 10, 2012risk 0.00cvss —epss 0.02
Session fixation vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote…
- CVE-2012-0747Sep 10, 2012risk 0.00cvss —epss 0.01
SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote…
- CVE-2012-0746Sep 10, 2012risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote…
- CVE-2012-0728Sep 10, 2012risk 0.00cvss —epss 0.01
SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote…
- CVE-2012-0727Sep 10, 2012risk 0.00cvss —epss 0.01
SQL injection vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to…
- CVE-2012-0714Sep 10, 2012risk 0.00cvss —epss 0.01
Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB),…
- CVE-2012-0195Mar 13, 2012risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in the Start Center Layout and Configuration component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2;…
- CVE-2011-4819Mar 13, 2012risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allow remote attackers to inject arbitrary web script or HTML via the uisesionid parameter to (1) maximo.jsp or (2) the default URI under ui/.
Page 9 of 10