2 matches found
Security Bulletin: IBM Maximo Asset Management could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file (CVE-2017-1352)
Summary IBM Maximo Asset Management could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. Vulnerability Details CVEID: CVE-2017-1352 DESCRIPTION: IBM Maximo Asset Management could allow an authenticated user ...
CVE-2017-1352
Summary: CVE-2017-1352 affects IBM Maximo Asset Management core product versions 7.6 and 7.5, and Maximo Asset Management Essentials 7.5 (plus affected industry solutions and IBM Control Desk if installed on a vulnerable core). Affected software could allow an authenticated user to inject command...