CVE-2018-1699

Summary

IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145968.

Affected Software

VendorProductVersion RangeStatus
IBMMaximo Asset Management7.6affected
IBMMaximo Asset Management7.6.0affected
IBMMaximo Asset Management7.6.0.1affected
IBMMaximo Asset Management7.6.1affected
IBMMaximo Asset Management7.6.2affected
IBMMaximo Asset Management7.6.2.1affected
IBMMaximo Asset Management7.6.2.2affected
IBMMaximo Asset Management7.6.2.3affected
IBMMaximo Asset Management7.6.2.4affected
IBMMaximo Asset Management7.6.3affected

Weaknesses

  • Data Manipulation

ADP Enrichment

CVE Program Container

Additional References

References