Ibm: >> Maximo Application Suite >> 8.11.7 Security Vulnerabilities
IBM Maximo Application Suite 8.11 and 9.0 could allow an authenticated user to perform unauthorized actions due to improper input validation.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-04-10
IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVSS Score
6.3
EPSS Score
0.001
Published
2025-01-25
IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not neutralize output that is written to logs, which could allow an attacker to inject false log entries.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-01-25
IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the web server that could aid in further attacks against the system.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-01-25
IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information in the form of the hard-coded cryptographic key to an attacker that has compromised environment.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-10-24