CVE-2013-3973SQL Injection in IBM Maximo Asset Management

CWE-89SQL Injection3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.3%
top 46.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Maximo Asset Management
Timeline
PublishedOct 1
Latest updateMay 17

Description

SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

NVDibm/maximo_asset_management16 versions+15

🔴Vulnerability Details

2
GHSA
GHSA-h537-j2f2-7q2v: SQL injection vulnerability in IBM Maximo Asset Management 72022-05-17
CVEList
CVE-2013-3973: SQL injection vulnerability in IBM Maximo Asset Management 72013-10-01
CVE-2013-3973 — SQL Injection in IBM | cvebase