CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32337 – IBM Maximo Spatial Asset Management server-side request forgery
https://notcve.org/view.php?id=CVE-2023-32337
19 Jan 2024 — IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 255288. IBM Maximo Spatial Asset Management 8.10 es vulnerable a server-side request forgery (SSRF). Esto puede permitir que un atacante autenticado envíe solicitudes no autorizadas desde el sistema, lo que podría provocar la enumeración de... • https://exchange.xforce.ibmcloud.com/vulnerabilities/255288 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-47718 – IBM Maximo Asset Management cross-site request forgery
https://notcve.org/view.php?id=CVE-2023-47718
19 Jan 2024 — IBM Maximo Asset Management 7.6.1.3 and Manage Component 8.10 through 8.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 271843. IBM Maximo Asset Management 7.6.1.3 y Manage Component 8.10 a 8.11 son vulnerables a cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario en el que confía el ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/271843 • CWE-352: Cross-Site Request Forgery (CSRF) •