CVE-2019-4486 vulnerability in IBM Products
Published on October 24, 2019

IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164070.

NVD

Products Associated with CVE-2019-4486

Want to know whenever a new CVE is published for IBM products? stack.watch will email you.

IBM Maximo Asset Management

IBM Maximo For Aviation

IBM Maximo For Life Sciences

IBM Maximo For Nuclear Power

IBM Maximo For Oil And Gas

IBM Maximo For Transportation

IBM Maximo For Utilities

IBM Smartcloud Control Desk

IBM Tivoli Integration Composer

Affected Versions

IBM Maximo Asset Management Version 7.6 is affected by CVE-2019-4486

Exploit Probability

EPSS

0.21%

Percentile

43.41%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-4486 vulnerability in IBM ProductsPublished on October 24, 2019

Products Associated with CVE-2019-4486

Affected Versions

Exploit Probability

CVE-2019-4486 vulnerability in IBM Products
Published on October 24, 2019