Rewterz Threat Advisory – CVE-2020-4529 – IBM Maximo Asset Management server-side request forgery

Severity

Medium

Analysis Summary

IBM Maximo Asset Management 7.6.0 and 7.6.1 are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

Impact

Gain Access

Affected Vendors

IBM

Affected Products

  • IBM Maximo Asset Management 7.6.0
  • IBM Maximo Asset Management 7.6.1

Remediation

Refer to IBM Security Bulletin 6220528 for patch, upgrade or suggested workaround information.