IBM Maximo Application Suite Log Injection Vulnerability in Monitor Component

Vulnerability

A log injection vulnerability has been identified in the Monitor Component of IBM Maximo Application Suite. This issue affects versions 8.10.12, 8.11.0, 9.0.1, and 9.1.0. The vulnerability arises because the application does not properly sanitize output before it is logged, potentially allowing an attacker to insert misleading log entries.

Impact

Exploitation of this vulnerability could lead to the injection of false log entries, which may be used to mislead administrators or obscure malicious activity.
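The following is an added illustration of the weakness class described above and its mitigation; it is not IBM's code and does not reflect how the Monitor component is implemented. It uses Python's standard logging module, with a hypothetical login message and a constructed input value, to show an unsanitized value splitting one record into two lines and a formatter that neutralizes it.

```python
import io
import logging

# Escape C0 controls, DEL, NEL and the Unicode line/paragraph separators,
# plus the backslash itself so the escaped form stays unambiguous.
_ESCAPES = {c: f"\\x{c:02x}" for c in [*range(0x20), 0x7F, 0x85]}
_ESCAPES.update({0x5C: "\\\\", 0x0A: "\\n", 0x0D: "\\r", 0x09: "\\t",
                 0x2028: "\\u2028", 0x2029: "\\u2029"})


def neutralize(value) -> str:
    """Return value as text with every line-breaking character escaped."""
    return str(value).translate(_ESCAPES)


class NeutralizingFormatter(logging.Formatter):
    """Escape the fully interpolated message so one record is one line.

    Working on the final message also covers values that were placed in the
    message with f-strings instead of logging arguments. Tracebacks are
    appended later by Formatter.format() and are left untouched.
    """

    def formatMessage(self, record):
        record.message = neutralize(record.message)
        return super().formatMessage(record)


def render(formatter, username):
    """Log one hypothetical event and return the physical lines written."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    handler.setFormatter(formatter)
    logger = logging.Logger("monitor-demo")  # stand-alone, not the root logger
    logger.addHandler(handler)
    logger.warning("login failed for user=%s", username)
    return stream.getvalue().splitlines()


# Constructed sample input: a field value carrying an embedded line break.
SAMPLE = "guest\nINFO login succeeded for user=admin"
FMT = "%(levelname)s %(message)s"

if __name__ == "__main__":
    print("unsanitized:", render(logging.Formatter(FMT), SAMPLE))
    print("neutralized:", render(NeutralizingFormatter(FMT), SAMPLE))
```

Log reviewers can also treat a literal `\n` or `\r` inside a field value as a signal worth alerting on, since legitimate field values rarely contain one.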

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 3.1
impact: 0.6
exploitability: 7.4
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.