) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ibm:maximo_anywhere:7.6.1.0:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2019-4429 |
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162886. Published: February 19, 2020; 11:15:11 AM -0500 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2019-4265 |
IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not have device root detection which could result in an attacker gaining sensitive information about the device. IBM X-Force ID: 160198. Published: October 10, 2019; 10:15:18 AM -0400 |
V3.1: 2.4 LOW V2.0: 2.1 LOW |
| CVE-2017-1604 |
IBM Maximo Anywhere 7.5 and 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132851. Published: February 21, 2018; 4:29:00 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |