Ibm Maximo Service Desk — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Maximo Service Desk, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (28)
CVE-2013-3323 — CVSS 9.8 (critical): A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is…
CVE-2012-0714 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli…
CVE-2011-1397 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the Labor Reporting page in IBM Maximo Asset Management and Asset Management Essentials…
CVE-2012-2184 — CVSS 6.8 (medium): Session fixation vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management…
CVE-2012-2183 — CVSS 6.8 (medium): Session fixation vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management…
CVE-2012-0747 — CVSS 6.5 (medium): SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for…
CVE-2012-6355 — CVSS 6.5 (medium): IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through…
CVE-2013-4016 — CVSS 6.5 (medium): SQL injection vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749…
CVE-2013-5465 — CVSS 6.5 (medium): IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336…
CVE-2012-0727 — CVSS 6.5 (medium): SQL injection vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli…
CVE-2012-0728 — CVSS 6.5 (medium): SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for…
CVE-2011-4816 — CVSS 6.5 (medium): SQL injection vulnerability in the KPI component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM…
CVE-2011-1394 — CVSS 5.0 (medium): IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM…
CVE-2012-3327 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through…
CVE-2012-0195 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Start Center Layout and Configuration component in IBM Maximo Asset Management and Asset…
CVE-2012-3313 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset…
CVE-2012-3326 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management…
CVE-2011-4817 — CVSS 4.0 (medium): The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset…
CVE-2012-2185 — CVSS 4.0 (medium): IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request…
CVE-2014-3025 — CVSS 3.5 (low): Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management 6.2 through 6.2.8, 6.x and 7.1 through 7.1.1.2, and 7.5…
CVE-2012-0746 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management…
CVE-2012-3316 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in the Tivoli Process Automation Engine (TPAE) in IBM Maximo Asset Management 6.2 through 7.5…
CVE-2012-3322 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through…
CVE-2013-6741 — CVSS 3.5 (low): IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before…
CVE-2014-0824 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.8 LAFIX.20140319-0839 and 7.1.1.12 before…
CVE-2014-0825 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in openreport.jsp in IBM Maximo Asset Management 7.x before 7.1.1.12 IFIX.20140321-1336 and 7.5.x…
CVE-2014-0914 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 6.x and 7.x through 7.5.0.6, Maximo Asset…
CVE-2014-0915 — CVSS 3.5 (low): Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management 6.2 through 6.2.8, 6.x and 7.1 through 7.1.1.2, and 7.5…