Sql injection

2018-02-2219:29:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.0%

JSON

IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 138820.

CPENameOperatorVersion
maximo_asset_managementeq7.5.0.0
maximo_asset_managementeq7.6.0.0
maximo_asset_management_essentialseq7.5.0.0

Name	Operator	Version
maximo_asset_management	eq	7.5.0.0
maximo_asset_management	eq	7.6.0.0
maximo_asset_management_essentials	eq	7.5.0.0

References

www.ibm.com/support/docview.wss?uid=swg22013797

www.securityfocus.com/bid/103154

exchange.xforce.ibmcloud.com/vulnerabilities/138820