- Description
- IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
- Products
- maximo_application_suite
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- psirt@us.ibm.com
- CWE-89
- Hype score
- Not currently trending
CVE-2024-35148 SQL Injection Vulnerability in IBM Maximo Suite Monitor Component https://t.co/1KFPguIPc8 Customizable Vulnerability Alerts: https://t.co/U7998fz7yk
@VulmonFeeds
25 Jan 2025
88 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-35148 IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statement… https://t.co/gIpCPYBj7E
@CVEnew
25 Jan 2025
688 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:maximo_application_suite:8.10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "864A07E0-4B3D-42C1-8201-8D1F8F06624C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:maximo_application_suite:8.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "818EC545-251D-4AEE-89AB-BDAC3079A33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:maximo_application_suite:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE55E332-8128-4214-8A5B-24F79D95A3FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]