CVE-2019-4644 vulnerability in IBM Products
Published on April 17, 2020

IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 170880.

NVD

Products Associated with CVE-2019-4644

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-4644 are published in these products:

IBM Control Desk

IBM Maximo Asset Configuration Manager

IBM Maximo Asset Health Insights

IBM Maximo Asset Management

IBM Maximo Asset Management Scheduler

IBM Maximo Asset Management Scheduler Plus

IBM Maximo Calibration

IBM Maximo Enterprise Adapter

IBM Maximo Equipment Maintenance Assistant

IBM Maximo For Aviation

IBM Maximo For Life Sciences

IBM Maximo For Nuclear Power

IBM Maximo For Oil And Gas

IBM Maximo For Service Providers

IBM Maximo For Transportation

IBM Maximo For Utilities

IBM Maximo Linear Asset Manager

IBM Maximo Network On Blockchain

IBM Maximo Spatial Asset Management

IBM Tivoli Integration Composer

Affected Versions

IBM Maximo Asset Management Version 7.6 is affected by CVE-2019-4644

Exploit Probability

EPSS

0.17%

Percentile

37.67%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-4644 vulnerability in IBM ProductsPublished on April 17, 2020

Products Associated with CVE-2019-4644

Affected Versions

Exploit Probability

CVE-2019-4644 vulnerability in IBM Products
Published on April 17, 2020