High Severity

Security Bulletin: IBM Maximo Asset Management is vulnerable to Stored Cross-site Scripting (CVE-2021-29743)

Share this post:

IBM Maximo Asset Management is vulnerable to stored cross-site scripting.

CVE(s): CVE-2021-29743

Affected product(s) and affected version(s):

This vulnerability affects the following versions of the IBM Maximo Asset Management core product.  Older versions of Maximo Asset Management may be impacted. The recommended action is to update to the latest version.

Maximo Asset Management core product versions affected:

Affected Product(s) Version(s)
IBM Maximo Asset Management 7.6.0.x
IBM Maximo Asset Management 7.6.1.x
IBM Maximo Application Suite MAS8.4 – Manage 8.0

* To determine the core product version, log in and view System Information. The core product version is the "Tivoli's process automation engine" version. Please consult the Product Coexistence Matrix for a list of supported product combinations.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6484679
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/201693

More stories

Security Bulletin: IBM Db2 Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-29702)

Sep 20, 2021 8:03 pm EDT | High Severity

An IBM Db2 Server vulnerability affects IBM Emptoris Strategic Supply Management Platform. ...read more


Security Bulletin: IBM Db2 Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-29702)

Sep 20, 2021 8:02 pm EDT | High Severity

An IBM Db2 Server vulnerability affects IBM Emptoris Program Management. ...read more


Security Bulletin: Multiple IBM Db2 Server Vulnerabilities Affect IBM Emptoris Supplier Lifecycle Mgmt

Sep 20, 2021 8:02 pm EDT | High Severity

Multiple IBM Db2 Server vulnerabilities affect IBM Emptoris Supplier Lifecycle Mgmt. ...read more