CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32337 – IBM Maximo Spatial Asset Management server-side request forgery
https://notcve.org/view.php?id=CVE-2023-32337
IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 255288. IBM Maximo Spatial Asset Management 8.10 es vulnerable a server-side request forgery (SSRF). Esto puede permitir que un atacante autenticado envíe solicitudes no autorizadas desde el sistema, lo que podría provocar la enumeración de la red o facilitar otros ataques. • https://exchange.xforce.ibmcloud.com/vulnerabilities/255288 https://www.ibm.com/support/pages/node/7107712 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-47718 – IBM Maximo Asset Management cross-site request forgery
https://notcve.org/view.php?id=CVE-2023-47718
IBM Maximo Asset Management 7.6.1.3 and Manage Component 8.10 through 8.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 271843. IBM Maximo Asset Management 7.6.1.3 y Manage Component 8.10 a 8.11 son vulnerables a cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario en el que confía el sitio web. ID de IBM X-Force: 271843. • https://exchange.xforce.ibmcloud.com/vulnerabilities/271843 https://www.ibm.com/support/pages/node/7107738 https://www.ibm.com/support/pages/node/7107740 • CWE-352: Cross-Site Request Forgery (CSRF) •