Vulnerability Details CVE-2025-14684
IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.8%
CVSS Severity
CVSS v3 Score 4.0
Products affected by CVE-2025-14684
-
cpe:2.3:a:ibm:maximo_application_suite:8.10
-
cpe:2.3:a:ibm:maximo_application_suite:8.10.10
-
cpe:2.3:a:ibm:maximo_application_suite:8.10.11
-
cpe:2.3:a:ibm:maximo_application_suite:8.10.12
-
cpe:2.3:a:ibm:maximo_application_suite:8.10.14
-
cpe:2.3:a:ibm:maximo_application_suite:8.10.15
-
cpe:2.3:a:ibm:maximo_application_suite:8.11
-
cpe:2.3:a:ibm:maximo_application_suite:8.11.11
-
cpe:2.3:a:ibm:maximo_application_suite:8.11.12
-
cpe:2.3:a:ibm:maximo_application_suite:8.11.13
-
cpe:2.3:a:ibm:maximo_application_suite:8.11.7
-
cpe:2.3:a:ibm:maximo_application_suite:8.11.8
-
cpe:2.3:a:ibm:maximo_application_suite:9.0
-
cpe:2.3:a:ibm:maximo_application_suite:9.0.1
-
cpe:2.3:a:ibm:maximo_application_suite:9.0.15
-
cpe:2.3:a:ibm:maximo_application_suite:9.0.4
-
cpe:2.3:a:ibm:maximo_application_suite:9.0.5
-
cpe:2.3:a:ibm:maximo_application_suite:9.0.7
-
cpe:2.3:a:ibm:maximo_application_suite:9.1.0
-
cpe:2.3:a:ibm:maximo_application_suite:9.1.4