Smartcloud Control Desk CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (65 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2013-3323	1 Ibm	13 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 10 more	2024-11-21	9.8 Critical
A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access.
CVE-2012-6356	1 Ibm	3 Maximo Asset Management, Maximo Asset Management Essentials, Smartcloud Control Desk	2024-08-06	N/A
IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges via vectors related to an import operation.
CVE-2012-6357	1 Ibm	3 Maximo Asset Management, Maximo Asset Management Essentials, Smartcloud Control Desk	2024-08-06	N/A
IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges and bypass intended restrictions on asset-lookup operations via unspecified vectors.
CVE-2012-6355	1 Ibm	7 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 4 more	2024-08-06	N/A
IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges via vectors related to a work order.
CVE-2012-3327	1 Ibm	7 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 4 more	2024-08-06	N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to a login action.
CVE-2012-3326	1 Ibm	6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more	2024-08-06	N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-3322	1 Ibm	7 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 4 more	2024-08-06	N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to a display name.
CVE-2012-3333	1 Ibm	2 Maximo Asset Management, Smartcloud Control Desk	2024-08-06	N/A
CRLF injection vulnerability in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted parameter in a URL.
CVE-2012-3313	1 Ibm	6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more	2024-08-06	N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-3316	1 Ibm	7 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 4 more	2024-08-06	N/A
Cross-site scripting (XSS) vulnerability in the Tivoli Process Automation Engine (TPAE) in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-3321	1 Ibm	1 Smartcloud Control Desk	2024-08-06	N/A
IBM SmartCloud Control Desk 7.5 allows remote authenticated users to bypass intended access restrictions via vectors involving an expired password.
CVE-2012-2185	1 Ibm	6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more	2024-08-06	N/A
IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVE-2012-2184	1 Ibm	6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more	2024-08-06	N/A
Session fixation vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack web sessions via unspecified vectors.
CVE-2012-2183	1 Ibm	6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more	2024-08-06	N/A
Session fixation vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack web sessions via unspecified vectors.
CVE-2012-0746	1 Ibm	6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more	2024-08-06	N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-0747	1 Ibm	6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more	2024-08-06	N/A
SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-0728	1 Ibm	6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more	2024-08-06	N/A
SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-0727	1 Ibm	6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more	2024-08-06	N/A
SQL injection vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-0714	1 Ibm	6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more	2024-08-06	N/A
Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6741	1 Ibm	7 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 4 more	2024-08-06	N/A
IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.x before 7.1.1.7 LAFIX.20140319-0837 allow remote authenticated users to obtain potentially sensitive stack-trace information by triggering a Birt error.

« first previous Page 3 of 4. next last »