← Back

Maximo Equipment Maintenance Assistant

maximo_equipment_maintenance_assistant

Vendor: Ibm • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-4409
1Ibm
20Control Desk
Maximo Asset Configuration ManagerMaximo Asset Health Insights+17 more
Nov 21, 2024
Sep 16, 2020
N/A· v4
8.2 HIGH· v3
5.8 MEDIUM· v2
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could expl...Show more
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 179537.Show less
CVE-2019-4749
1Ibm
20Control Desk
Maximo Asset Configuration ManagerMaximo Asset Health Insights+17 more
Nov 21, 2024
Apr 17, 2020
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred...Show more
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 173308.Show less
CVE-2019-4644
1Ibm
20Control Desk
Maximo Asset Configuration ManagerMaximo Asset Health Insights+17 more
Nov 21, 2024
Apr 17, 2020
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred...Show more
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 170880.Show less