VYPR

Maximo For Aviation

by IBM

CVEs (3)

  • CVE-2016-5902MedFeb 8, 2017
    risk 0.40cvss 6.1epss 0.01

    IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

  • CVE-2016-6072MedFeb 1, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

  • CVE-2016-5896MedFeb 1, 2017
    risk 0.35cvss 5.3epss 0.01

    IBM Maximo Asset Management could disclose sensitive information from a stack trace after submitting incorrect login onto Cognos browser.