What is the severity of CVE-2015-0108?

CVE-2015-0108 has a medium severity rating, indicating potential for exploitation in certain scenarios.

How do I fix CVE-2015-0108?

To fix CVE-2015-0108, update your IBM Maximo Asset Management or related products to the latest version that addresses this vulnerability.

Who is affected by CVE-2015-0108?

CVE-2015-0108 affects IBM Maximo Asset Management versions 7.1 through 7.1.1.8, and certain other IBM Tivoli products.

What type of vulnerability is CVE-2015-0108?

CVE-2015-0108 is a cross-site scripting (XSS) vulnerability that allows users to inject arbitrary web script or HTML.

Can CVE-2015-0108 be exploited remotely?

Yes, CVE-2015-0108 can potentially be exploited by remote authenticated users.

Vulnerability/
CVE-2015-0108

medium

4.3

CWE

18/2/2015

6/8/2024

CVE-2015-0108: XSS

First published: Wed Feb 18 2015(Updated: )

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Maximo Asset Management 7.1 through 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain other products, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-0104, CVE-2015-0107, and CVE-2015-0109.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
Ibm Change And Configuration Management Database	=7.1
Ibm Change And Configuration Management Database	=7.2
IBM Maximo Asset Management	=7.1
IBM Maximo Asset Management	=7.1.1
IBM Maximo Asset Management	=7.1.1.1
IBM Maximo Asset Management	=7.1.1.2
IBM Maximo Asset Management	=7.1.1.5
IBM Maximo Asset Management	=7.1.1.6
IBM Maximo Asset Management	=7.1.1.7
IBM Maximo Asset Management	=7.1.1.8
Ibm Maximo Asset Management Essentials	=7.1
Ibm Maximo For Government	=7.1
Ibm Maximo For Life Sciences	=7.1
Ibm Maximo For Nuclear Power	=7.1
Ibm Maximo For Oil And Gas	=7.1
Ibm Maximo For Transportation	=7.1
Ibm Maximo For Utilities	=7.1
IBM Tivoli Asset Management for IT	=7.1
IBM Tivoli Asset Management for IT	=7.2
Ibm Tivoli Service Request Manager	=7.1
Ibm Tivoli Service Request Manager	=7.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-0108?
CVE-2015-0108 has a medium severity rating, indicating potential for exploitation in certain scenarios.
How do I fix CVE-2015-0108?
To fix CVE-2015-0108, update your IBM Maximo Asset Management or related products to the latest version that addresses this vulnerability.
Who is affected by CVE-2015-0108?
CVE-2015-0108 affects IBM Maximo Asset Management versions 7.1 through 7.1.1.8, and certain other IBM Tivoli products.
What type of vulnerability is CVE-2015-0108?
CVE-2015-0108 is a cross-site scripting (XSS) vulnerability that allows users to inject arbitrary web script or HTML.
Can CVE-2015-0108 be exploited remotely?
Yes, CVE-2015-0108 can potentially be exploited by remote authenticated users.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/author
agent/tags
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
vendor/ibm
canonical/ibm change and configuration management database
version/ibm change and configuration management database/7.1
version/ibm change and configuration management database/7.2
canonical/ibm maximo asset management
version/ibm maximo asset management/7.1
version/ibm maximo asset management/7.1.1
version/ibm maximo asset management/7.1.1.1
version/ibm maximo asset management/7.1.1.2
version/ibm maximo asset management/7.1.1.5
version/ibm maximo asset management/7.1.1.6
version/ibm maximo asset management/7.1.1.7
version/ibm maximo asset management/7.1.1.8
canonical/ibm maximo asset management essentials
version/ibm maximo asset management essentials/7.1
canonical/ibm maximo for government
version/ibm maximo for government/7.1
canonical/ibm maximo for life sciences
version/ibm maximo for life sciences/7.1
canonical/ibm maximo for nuclear power
version/ibm maximo for nuclear power/7.1
canonical/ibm maximo for oil and gas
version/ibm maximo for oil and gas/7.1
canonical/ibm maximo for transportation
version/ibm maximo for transportation/7.1
canonical/ibm maximo for utilities
version/ibm maximo for utilities/7.1
canonical/ibm tivoli asset management for it
version/ibm tivoli asset management for it/7.1
version/ibm tivoli asset management for it/7.2
canonical/ibm tivoli service request manager
version/ibm tivoli service request manager/7.1
version/ibm tivoli service request manager/7.2

Frequently Asked Questions

What is the severity of CVE-2015-0108?
CVE-2015-0108 has a medium severity rating, indicating potential for exploitation in certain scenarios.
How do I fix CVE-2015-0108?
To fix CVE-2015-0108, update your IBM Maximo Asset Management or related products to the latest version that addresses this vulnerability.
Who is affected by CVE-2015-0108?
CVE-2015-0108 affects IBM Maximo Asset Management versions 7.1 through 7.1.1.8, and certain other IBM Tivoli products.
What type of vulnerability is CVE-2015-0108?
CVE-2015-0108 is a cross-site scripting (XSS) vulnerability that allows users to inject arbitrary web script or HTML.
Can CVE-2015-0108 be exploited remotely?
Yes, CVE-2015-0108 can potentially be exploited by remote authenticated users.

CVE-2015-0108: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-0108?

How do I fix CVE-2015-0108?

Who is affected by CVE-2015-0108?

What type of vulnerability is CVE-2015-0108?

Can CVE-2015-0108 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-0108?

How do I fix CVE-2015-0108?

Who is affected by CVE-2015-0108?

What type of vulnerability is CVE-2015-0108?

Can CVE-2015-0108 be exploited remotely?