2 matches found
CVE-2019-4671
IBM Maximo Asset Management core product versions 7.6.0 and 7.6.1 are affected by a SQL injection vulnerability. The root cause is lack of validation of externally entered SQL statements, enabling a remote attacker to view, add, modify, or delete data in the back-end database. Exploitation is rem...
Security Bulletin: IBM Maximo Asset Management is vulnerable to SQL Injection (CVE-2019-4671)
Summary IBM Maximo Asset Management is vulnerable to SQL Injection. Vulnerability Details CVEID: CVE-2019-4671 DESCRIPTION: IBM Maximo Asset Management is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modif...