Cross-site Scripting Vulnerability in IBM Maximo Asset Management
CVE-2012-0746

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Asset Management For It; Smartcloud Control Desk; Change And Configuration Management Database; Maximo Asset Management
Vendor: CVE Published:; 10 September 2012

What is CVE-2012-0746?

IBM Maximo Asset Management 7.5 and its associated products are susceptible to a cross-site scripting (XSS) vulnerability. This flaw allows authenticated remote attackers to inject arbitrary web scripts or HTML into web pages, potentially leading to unauthorized actions and disclosure of sensitive information. The attack vectors involved remain unspecified, emphasizing the need for vigilance in securing affected systems and applying patches without delay.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IV17961

vendor-advisoryx_refsource_AIXAPAR

http://secunia.com/advisories/50551

third-party-advisoryx_refsource_SECUNIA

http://www-01.ibm.com/support/docview.wss?uid=swg21610081

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 10, 2012
Vulnerability Reserved
Jan 17, 2012