CVE-2017-1352

Summary

IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538.

Affected Software

VendorProductVersion RangeStatus
IBMMaximo Asset Management7.5affected
IBMMaximo Asset Management7.6affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References