IBM » Smartcloud Control Desk : Security Vulnerabilities, CVEs, CVSS score >= 8
IBM Maximo Asset Management 7.6 is vulnerable to CSV injection, which could allow a remote authenticated attacker to execute arbirary commands on the system. IBM X-Force ID: 161680.
Max CVSS
8.5
EPSS Score
0.24%
Published
2019-06-19
Updated
2023-01-30
IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administrator account that a remote intruder could use to gain administrator access to the system. This vulnerability is due to an incomplete fix for CVE-2015-4966. IBM X-Force ID: 142116.
Max CVSS
9.0
EPSS Score
0.09%
Published
2018-08-03
Updated
2019-10-09
A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access.
Max CVSS
9.8
EPSS Score
0.39%
Published
2020-02-18
Updated
2020-02-21
3 vulnerabilities found