CVE-2024-35150

🗓️ 25 Jan 2025 14:31:10Reported by ibmType

IBM Maximo Application Suite logs are vulnerable to injection of false entries by attackers.

Reporter	Title	Published	Views	Family All 11
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Log Forging CVE-2024-35150	15 Apr 202503:28	–	ibm
Circl	CVE-2024-35150	25 Jan 202514:31	–	circl
CNNVD	IBM Maximo Application Suite 安全漏洞	25 Jan 202500:00	–	cnnvd
CNVD	IBM Maximo Application Suite Input Validation Error Vulnerability	6 Feb 202500:00	–	cnvd
Cvelist	CVE-2024-35150 IBM Maximo Application Suite log manipulation	25 Jan 202514:31	–	cvelist
EUVD	EUVD-2024-35549	3 Oct 202520:07	–	euvd
NVD	CVE-2024-35150	25 Jan 202515:15	–	nvd
OSV	CVE-2024-35150	25 Jan 202515:15	–	osv
Positive Technologies	PT-2025-2435 · Ibm · Ibm Maximo Application Suite	25 Jan 202500:00	–	ptsecurity
RedhatCVE	CVE-2024-35150	23 May 202507:08	–	redhatcve

NVD

Vulners

Node

ibm maximo_application_suiteRange8.10.12–8.10.15

ibm maximo_application_suiteRange8.11–8.11.13

ibm maximo_application_suiteRange9.0.1–9.0.5

ibm maximo_application_suiteMatch9.1.0

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:maximo_application_suite:8.10.12:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:maximo_application_suite:8.11.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:maximo_application_suite:9.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:maximo_application_suite:9.1.0:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Maximo Application Suite",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "8.10.12, 8.11.0, 9.0.1, 9.1.0"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7180057

08 Jul 2025 20:22Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.15.3

EPSS0.0009

SSVC

CWE-117