threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ibm control desk
Product
ibm control desk
15 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2022-22330
all versions
IBM Control Desk 7.6.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly fl
5.3
MEDIUM
CVE-2022-22329
all versions
IBM Control Desk 7.6.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get
4.3
MEDIUM
CVE-2021-20559
all versions
IBM Control Desk 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary Jav
5.4
MEDIUM
CVE-2020-4409
all versions
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack.
8.2
HIGH
CVE-2019-4749
all versions
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScri
5.4
MEDIUM
CVE-2019-4644
all versions
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScri
6.1
MEDIUM
CVE-2019-4446
all versions
IBM Maximo Asset Management 7.6 could allow an authenticated user perform actions they are not authorized to by modifying request
5.4
MEDIUM
CVE-2019-4429
all versions
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitr
5.4
MEDIUM
CVE-2019-4512
all versions
IBM Maximo Asset Management 7.6.1.1 generates an error message that includes sensitive information that could be used in further a
4.3
MEDIUM
CVE-2019-4364
all versions
IBM Maximo Asset Management 7.6 is vulnerable to CSV injection, which could allow a remote authenticated attacker to execute arbir
8.0
HIGH
CVE-2019-4303
all versions
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScri
5.4
MEDIUM
CVE-2019-4056
all versions
IBM Maximo Asset Management 7.6 Work Centers' application does not validate file type upon upload, allowing attackers to upload ma
4.3
MEDIUM
CVE-2019-4048
all versions
IBM Maximo Asset Management 7.6 could allow a physical user of the system to obtain sensitive information from a previous user of
2.1
LOW
CVE-2018-2028
all versions
IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with a phishing site which could allo
6.5
MEDIUM
CVE-2015-5016
all versions
IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management Essentials 7.1 and 7.5; Control Desk 7.5 and 7.6; Tivoli As
4.3
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin