Security Bulletin: Multiple Security Vulnerabilities Addressed in Maximo Asset and Service Management Products
IBM PSIRT 270004PFE3 firstname.lastname@example.org | | Tags:  psirtmedium maximo psirttivoli
0 Comments | 2,001 Visits
Multiple security vulnerabilities have been addressed in Maximo Asset Management, Tivoli Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database. These vulnerabilities include cross-site scripting, cross-site request forgery, SQL injection, information disclosure, and denial of service (DoS) issues.
CVE(s): CVE-2011-1394, CVE-2011-1395, CVE-2011-1396, CVE-2011-1397, CVE-2011-4816, CVE-2011-4817, CVE-2011-4818, CVE-2011-4819, CVE-2012-0195
Affected product(s): IBM Maximo Asset Management
Affected version(s): 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 7.1, 7.1.1, 7.5