CVE-2025-14684

Summary

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files.

Affected Software

VendorProductVersion RangeStatus
IBMMaximo Application Suite - Monitor Component9.1affected
IBMMaximo Application Suite - Monitor Component9.0affected
IBMMaximo Application Suite - Monitor Component8.11affected
IBMMaximo Application Suite - Monitor Component8.10affected

Weaknesses

  • CWE-117: CWE-117 Improper Output Neutralization for Logs

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References