Описание
IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:maximo_asset_management:7.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.6:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00328
Низкий
5.5 Medium
CVSS3
6 Medium
CVSS2
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538.
EPSS
Процентиль: 55%
0.00328
Низкий
5.5 Medium
CVSS3
6 Medium
CVSS2
Дефекты
CWE-77