CVE-2021-20509
published 2021-08-12CVE-2021-20509: IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 198243.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | maximo_asset_management | < 7.6.1.2 | 7.6.1.2 |
| ibm | maximo_asset_management | — | — |
| ibm | maximo_asset_management | — | — |