Skip to main content

Maximo Spatial Asset Management

3 CVEs product

Monthly

CVE-2020-4651 MEDIUM PATCH This Month

IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions. Rated medium severity (CVSS 4.8), this vulnerability is no authentication required. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

IBM CSRF Maximo Spatial Asset Management
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2020-4650 LOW PATCH Monitor

IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

IBM Information Disclosure Maximo Spatial Asset Management
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2020-4409 HIGH PATCH This Week

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

IBM Open Redirect Control Desk Maximo Asset Configuration Manager Maximo Asset Health Insights +17
NVD
CVSS 3.1
8.2
EPSS
0.9%
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions. Rated medium severity (CVSS 4.8), this vulnerability is no authentication required. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

IBM CSRF Maximo Spatial Asset Management
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

IBM Information Disclosure Maximo Spatial Asset Management
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

IBM Open Redirect Control Desk +19
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy