CVE-2018-1715

Summary

IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 147003.

Affected Software

VendorProductVersion RangeStatus
IBMMaximo Asset Management7.6affected
IBMMaximo Asset Management7.6.0affected
IBMMaximo Asset Management7.6.0.1affected
IBMMaximo Asset Management7.6.1affected
IBMMaximo Asset Management7.6.2affected
IBMMaximo Asset Management7.6.2.1affected
IBMMaximo Asset Management7.6.2.2affected
IBMMaximo Asset Management7.6.2.3affected
IBMMaximo Asset Management7.6.2.4affected
IBMMaximo Asset Management7.6.3affected

Weaknesses

  • Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References