Maximo Asset Health Insights Security Vulnerabilities and Issues — Maximo Asset Health Insights CVE List

cve

CVE-2020-4409

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to redirect a user to a malicious Web site that would...

8.2CVSS

7.6AI Score

0.003EPSS

2020-09-16 04:15 PM

19

cve

CVE-2019-4644

IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

6.1CVSS

5.8AI Score

0.001EPSS

2020-04-17 02:15 PM

24

cve

CVE-2019-4446

IBM Maximo Asset Management 7.6 could allow an authenticated user perform actions they are not authorized to by modifying request parameters. IBM X-Force ID:...

5.4CVSS

5.2AI Score

0.001EPSS

2020-04-17 02:15 PM

15

cve

CVE-2019-4749

IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS

5.2AI Score

0.001EPSS

2020-04-17 02:15 PM

28